3 matches found
CVE-2021-3745
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type...
CVE-2021-3745 Unrestricted Upload of File with Dangerous Type in flatcore/flatcore-cms
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type...
CVE-2021-3745
CVE-2021-3745 affects flatcore-cms and stems from an unrestricted file upload in the gallery upload path (files.upload_gallery.php). The provided PoC demonstrates uploading a PHP payload and then requesting the generated file to obtain a shell, indicating potential remote code execution with admi...