5 matches found
CVE-2021-40097
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter...
CVE-2021-40097
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter...
Path traversal
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter...
CVE-2021-40097
Concrete CMS up to version 8.5.5 is affected by an authenticated path traversal leading to remote code execution via uploaded PHP code, related to the bFilename parameter. Several sources (NVD/OSV/OpenVAS CNVD) corroborate that concrete/cms 8.5.x prior to 8.5.6 are vulnerable due to a path traver...
CVE-2021-40097
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter...