4 matches found
Unrestricted file upload
File Upload vulnerability in balerocms-src 0.8.3 allows remote attackers to run arbitrary code via rich text editor on /admin/main/mod-blog page...
CVE-2021-35290
CVE-2021-35290 is a file upload vulnerability in balerocms-src 0.8.3 that allows remote code execution via the rich text editor on the /admin/main/mod-blog page. Connected sources confirm the affected software and the root cause (unrestricted upload through the editor). Practical impact is arbitr...
PT-2023-12257 · Unknown · Balerocms-Src
Name of the Vulnerable Software and Affected Versions: balerocms-src version 0.8.3 Description: The issue allows remote attackers to run arbitrary code via a rich text editor on the "/admin/main/mod-blog" page. This is a result of a File Upload vulnerability. Recommendations: For balerocms-src...
balerocms-src code issue vulnerability
balerocms-src is the source code for Balero CMS. A security vulnerability exists in balerocms-src version 0.8.3, which originates from a vulnerability that allows remote attackers to run arbitrary code via a rich text editor on the /admin/main/mod-blog page...