2 matches found
CVE-2017-5520
The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to rename and execute files with the .php6, .php7 and .phtml extensions...
CVE-2017-5520
CVE-2017-5520 affects GeniXCMS up to version 0.0.8. The issue is in the media rename feature, which does not consider alternative PHP file extensions when checking uploaded files for PHP content, allowing an attacker to rename and execute files with .php6, .php7, or .phtml extensions. The connect...