5 matches found
CVE-2021-39608
Remote Code Execution RCE vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code...
Remote code execution
Remote Code Execution RCE vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code...
CVE-2021-39608
Remote Code Execution RCE vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code...
CVE-2021-39608
FlatCore-CMS 2.0.7 is vulnerable to remote code execution via the upload addon plugin, allowing a remote attacker to execute arbitrary PHP code. Public material across multiple feeds (NVD, RH/CVE, CNVD, OSV, CNVD) confirms RCE through the addon upload path. An exploit script exists publicly (Expl...
CVE-2018-19355
modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop 1.5 through 1.7 allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product for upload destinations under...