CVE-2024-25166

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file.

xiaocheng-keji/71cms
xiaocheng-keji/71cmsUNAVAILABLE
GitHubGitHub
3