3 matches found
CVE-2020-22151
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted zip file to the assests parameter of the upload function...
CVE-2020-22151
Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted zip file to the assests parameter of the upload function...
CVE-2020-22151
CVE-2020-22151 affects Fuel-CMS 1.4.6. A crafted zip file uploaded to the assets parameter of the upload function can allow remote code execution. The issue is evidenced across multiple sources (NVD listing with CVSS 3.1/CRITICAL; PT-Security notes recommending disabling the upload function until...