Описание
Cockpit CMS arbitrary file upload vulnerability
An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file.
Пакеты
Наименование
cockpit-hq/cockpit
composer
Затронутые версииВерсия исправления
<= 2.6.3
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 2 лет назад
An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file.