4 matches found
CVE-2021-28428
CVE-2021-28428 affects HorizontCMS up to version 1.0.0-beta.3. The vulnerability lies in the Media Files upload functionality, where an attacker can bypass a prior filter that restricted PHP extensions and upload arbitrary ".htaccess" and "*.hello" files to achieve remote code execution. The orig...
CVE-2020-27387
HorizontCMS 1.0.0-beta is affected by an unrestricted PHP file upload vulnerability in the FileManager. An authenticated user can upload a PHP payload via /admin/file-manager/fileupload, get it renamed to a random name with a .php extension, and then trigger execution by accessing /storage/. This...
CVE-2022-25104
CVE-2022-25104 affects HorizontCMS v1.0.0-beta.2, where an arbitrary file download vulnerability exists via the /admin/file-manager/ component. The available sources consistently describe the issue as an arbitrary file download, but do not provide concrete details on the exact root cause, impacte...
CVE-2020-28693
CVE-2020-28693 concerns HorizontCMS 1.0.0-beta, where an authenticated user can upload a ZIP theme containing PHP code, enabling unrestricted file upload. The attacker can subsequently trigger execution by issuing an HTTP GET to /themes/, potentially compromising server-side code. The sources desc...