3 matches found
CVE-2020-18166
Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc"...
CVE-2020-18166
Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc"...
CVE-2020-18166
LAOBANCMS v2.0 is affected by an unrestricted file upload vulnerability. The issue resides in the admin/wenjian.php?wj=../templets/pc path, where attaching a file with a ".jpg.php" extension enables remote attackers to upload arbitrary files. Impact is described as arbitrary file upload; no explo...