2 matches found
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...
CVE-2021-28931
Fork CMS 5.9.2 has an arbitrary file upload vulnerability that lets an attacker create or replace arbitrary files in the /themes directory by uploading a crafted ZIP via the Themes panel. CVSS metrics indicate a high impact (CVSS-3.1 base score 8.8, high confidentiality/ integrity/ availability i...