capture0x/CSZ_CMS

Releases0

Stars2

CSZ CMS Version 1.3.0 Remote Command Execution

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-25414 ↗	Feb 16, 2024Friday, 16 February 2024, 02:15	9.8 CRITICAL	—
An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to execute arbitrary code via uploading a crafted Zip file.