5 matches found
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2022-24651
CVE-2022-24651 affects SentCMS 4.0.x. The vulnerability allows remote attackers to upload arbitrary files via an unauthorized upload interface at /user/upload/upload, enabling PHP code execution. Multiple sources corroborate that the issue stems from lack of validation of uploaded files. No patch...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...