CVE-2023-27235

Published March 15th, 2023

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file.

Cherry-toto/jizhicms

极致CMS（以下简称:JIZHICMS）是一款开源免费，无商业授权的建站系统。

GitHub

212