Lucene search
GoogleOSV:GHSA-RGG3-3WH7-W935HistoryMar 15, 2022 - 12:00 a.m.
Unrestricted Upload of File with Dangerous Type in Zenario CMS
2022-03-1500:00:58
Google
osv.dev
19
zenario cms
file upload
web shell
security vulnerability
EPSS
0.035
Percentile
91.5%
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.
References
packetstormsecurity.com/files/166617/Zenario-CMS-9.0.54156-Remote-Code-Execution.html
github.com/hieuminhnv/Zenario-CMS-9.0-last-version/issues/2
github.com/TribalSystems/Zenario
github.com/TribalSystems/Zenario/commit/4566d8a9ac6755f098b3373252fdb17754a77007
github.com/TribalSystems/Zenario/releases/tag/9.0.55141
minhnq22.medium.com/file-upload-to-rce-on-zenario-9-0-54156-cms-fa05fcc6cf74
nvd.nist.gov/vuln/detail/CVE-2021-42171
Related
zdt
zdt
Zenario CMS 9.0.54156 - Remote Code Execution (Authenticated) Exploit
2022-04-07 00:00:00
osv
osv
CVE-2021-42171
2022-03-14 15:15:09
githubexploit
githubexploit
exploitdb
exploitdb
Zenario CMS 9.0.54156 - Remote Code Execution (RCE) (Authenticated)
2022-04-07 00:00:00
cnvd
cnvd
Zenario CMS File Upload Vulnerability (CNVD-2022-21547)
2022-03-16 00:00:00
prion
prion
Unrestricted file upload
2022-03-14 15:15:00
github
github
Unrestricted Upload of File with Dangerous Type in Zenario CMS
2022-03-15 00:00:58
nvd
nvd
CVE-2021-42171
2022-03-14 15:15:09
cvelist
cvelist
CVE-2021-42171
2022-03-14 14:51:06
cve
cve
CVE-2021-42171
2022-03-14 15:15:09
packetstorm
packetstorm
Zenario CMS 9.0.54156 Remote Code Execution
2022-04-07 00:00:00