CVE-2020-21976
CVE-2020-21976 affects NewsOne CMS v1.1.0 via an arbitrary file upload in the field. Root cause is an unrestricted file upload, enabling attackers to webshell and execute arbitrary commands. CVSSv3.1 base score 8.8 (HIGH) with NETWORK attack vector and LOW access complexity; high impact to confi...