2 matches found
CVE-2019-15524
CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/ URI...
CVE-2019-15524
CSZ CMS 1.2.3 contains an arbitrary file upload vulnerability in the File Management Module (admin/filemanager) that enables remote code execution via the URI photo/upload/2019/. Several sources (CNVD, RH/Red Hat, PRION, CVE listings) corroborate RCE potential; no explicit patch/version is provid...