CVE-2023-36212
CVE-2023-36212 affects Total CMS v1.7.4 and describes an unrestricted file upload vulnerability on the edit page, where uploading a crafted PHP file can lead to remote code execution. The root cause is the lack of proper validation/validation of uploaded files, enabling an attacker to upload exec...