2 matches found
CVE-2020-20092
File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code...
CVE-2020-20092
ArticleCMS 1.0 is vulnerable to a file-upload flaw in the image-upload feature at /admin. By spoofing Content-Type: image/jpeg and appending PHP code after the JPEG data, a remote attacker could execute arbitrary PHP code. This claim is consistent across multiple connected records (e.g., Red Hat,...