| ID | CVE-2017-14399 | ||||||
| Sažetak | In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:S/C:P/I:P/A:P | ||||||
| Zadnje važnije ažuriranje | 19-09-2017 - 17:47 | ||||||
| Objavljeno | 12-09-2017 - 21:29 |
