VYPR
Unrated severityNVD Advisory· Published Sep 23, 2019· Updated Aug 5, 2024

CVE-2019-16720

CVE-2019-16720

Description

ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file.

Affected products

2
  • ZZZCMS/zzzphpdescription
  • Zzcms/Zzzphpllm-fuzzy
    Range: <=1.7.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.