EUVD-2021-12737

Malware in sbrugna...

CVE-2021-25856

An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php...

Code injection

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the fonttype parameter to setup.php...

CVE-2021-25856

An issue in pcmt superMicro-CMS version 3.11 allows attackers to delete files via a crafted image file in images.php . Root cause: an arbitrary file deletion vulnerability in the image handling logic. Impact: deletion of arbitrary files (as described in CVE-2021-25856); exploitation status is not...

CVE-2021-25857

The CVE-2021-25857 issue affects pcmt superMicro-CMS version 3.11. An authenticated attacker can trigger arbitrary code execution via the font_type parameter in setup.php. Root cause and impact are described across multiple sources consistently, but no explicit remediation details (patch version ...

CVE-2021-25857

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the fonttype parameter to setup.php...

PT-2023-12080 · Supermicro · Pcmt Supermicro-Cms

Name of the Vulnerable Software and Affected Versions: pcmt superMicro-CMS version 3.11 Description: An issue was discovered that allows attackers to delete files via a crafted image file in the images.php file. Recommendations: For pcmt superMicro-CMS version 3.11, consider restricting access to...