exploitDog

GHSA-chw4-gjvw-3gxc

Published: 08 Oct 2025
Source: github
GitHub: Reviewed
CVSS4: 9.3

Description

Melis Platform CMS Unauthenticated File Upload Leading to RCE

File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetail_img' parameter.

Packages

Name: melisplatform/melis-cms-slider (composer)
Affected versions: < 5.3.1
Fixed version: 5.3.1

EPSS

Percentile: 37%
0.00154
Low

9.3 Critical

CVSS4

Weaknesses

CWE-43

Related vulnerabilities

nvd
4 months ago

File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetail_img' parameter.
