woshinibaba222/DoraCMS-File-Upload-Vulnerability

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-49444 ↗	Dec 8, 2023Friday, 8 December 2023, 15:15	5.4 MEDIUM	—
An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar.