The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.
Max CVSS
8.5
EPSS Score
3.37%
Published
2014-05-23
Updated
2014-06-27
1 vulnerabilities found