6 matches found
CVE-2022-50916
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing files like top.ph...
CVE-2022-50916
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing files like top.ph...
CVE-2022-50907
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote code execution...
CVE-2022-50907 e107 CMS v3.2.1 - Admin Upload Restriction Bypass + RCE
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote code execution...
PT-2026-2392
Name of the Vulnerable Software and Affected Versions e107 CMS version 3.2.1 Description The application contains a file upload issue that allows administrators with authentication to overwrite server files using the Media Manager import functionality. Specifically, attackers can manipulate the...
PT-2026-2383
Name of the Vulnerable Software and Affected Versions e107 CMS version 3.2.1 Description e107 CMS version 3.2.1 has a file upload issue. Authenticated administrative users can bypass upload restrictions and execute PHP files. An attacker can upload malicious PHP files to parent directories by...