Lucene search
MitreCVELIST:CVE-2020-27387HistoryNov 05, 2020 - 1:18 a.m.
CVE-2020-27387
2020-11-0501:18:12
mitre
www.cve.org
7
horizontcms
file upload
authenticated remote attacker
php code
http get request
An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager’s rename function to provide the payload (which will receive a random name on the server) with the PHP extension, and finally executing the PHP file via an HTTP GET request to /storage/<php_file_name>. NOTE: the vendor has patched this while leaving the version number at 1.0.0-beta.
Related
metasploit
metasploit
HorizontCMS Arbitrary PHP File Upload
2020-11-02 18:01:13
packetstorm
packetstorm
HorizontCMS 1.0.0-beta Shell Upload
2020-11-13 00:00:00
nvd
nvd
CVE-2020-27387
2020-11-05 02:15:12
CVE-2021-28428
2022-04-05 16:15:11
prion
prion
Unrestricted file upload
2020-11-05 02:15:00
Unrestricted file upload
2022-04-05 16:15:00
cve
cve
CVE-2020-27387
2020-11-05 02:15:12
CVE-2021-28428
2022-04-05 16:15:11
osv
osv
CVE-2020-27387
2020-11-05 02:15:12
CVE-2021-28428
2022-04-05 16:15:11
zdt
zdt
HorizontCMS 1.0.0-beta Shell Upload Exploit
2020-11-14 00:00:00
cvelist
cvelist
CVE-2021-28428
2022-04-05 15:37:31
rapid7blog
rapid7blog
Metasploit Wrap-Up
2020-11-20 19:52:29