4 matches found
CVE-2021-28428
creationtimestamp| type| source ---|---|--- 2022-04-05 20:29:14+00:00| seen| https://t.me/cibsecurity/40187...
CVE-2021-28428
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...
CVE-2021-28428
CVE-2021-28428 affects HorizontCMS up to version 1.0.0-beta.3. The vulnerability lies in the Media Files upload functionality, where an attacker can bypass a prior filter that restricted PHP extensions and upload arbitrary ".htaccess" and "*.hello" files to achieve remote code execution. The orig...
CVE-2021-28428
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...