CVE-2023-3852 – OpenRapid RapidCMS upload.php unrestricted upload

https://notcve.org/view.php?id=CVE-2023-3852

23 Jul 2023 — A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/upload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. • https://github.com/OpenRapid/rapidcms/commit/4dff387283060961c362d50105ff8da8ea40bcbe • CWE-434: Unrestricted Upload of File with Dangerous Type •