2 matches found
CVE-2020-21174
File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function...
CVE-2020-21174
CVE-2020-21174 affects liufee CMS v2.0.7.1. The vulnerability is a file-upload flaw in the image suffix function that allows a remote attacker to execute arbitrary code. Root cause is a lack of validation in the image suffix handling. Impact is high (remote code execution) per CVSS 3.1/9.8, but t...