CVE-2021-36532

2023-02-0300:00:00

mitre

www.cve.org

portfoliocms vulnerability

remote code execution

fileext parameter

8.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

References

github.com/excellentoldtv/portfolioCMS-issues/issues/1