SPuerBRead/blackcat-cms-file-upload

Releases0

blackcat cms file upload

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-14399 ↗	Sep 12, 2017Tuesday, 12 September 2017, 21:29	—	6.5 MEDIUM
In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php.