CVE-2022-50939
CVE-2022-50939 (e107 CMS 3.2.1) affects the Media Manager’s remote URL upload (image.php) in the admin interface. The upload_caption parameter is not properly sanitized, allowing an authenticated administrator to use directory traversal (../../../) to overwrite arbitrary files outside the intende...