1 results (0.004 seconds)
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21976
https://notcve.org/view.php?id=CVE-2020-21976
An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands. Una carga arbitraria de archivos en el componente (input type="file" name="user_image") de NewsOne CMS versión v1.1.0, permite a atacantes realizar un webshell y ejecutar comandos arbitrarios • https://cxsecurity.com/issue/WLB-2020010143 • CWE-434: Unrestricted Upload of File with Dangerous Type •