In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajax_upload.php, as demonstrated by a ZIP archive that contains a .php file.
CPE | Name | Operator | Version |
---|---|---|---|
blackcatcms | eq | 1.0.2 | |
blackcatcms | eq | 1.0.1 | |
blackcatcms | eq | 1.0 | |
blackcatcms | eq | 1.0.3 | |
blackcatcms | eq | 1.0.2a | |
blackcatcms | eq | 1.2 | |
blackcatcms | eq | 1.1 |