Unrated severityNVD Advisory· Published Dec 25, 2020· Updated Aug 4, 2024
CVE-2020-35709
CVE-2020-35709
Description
bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory traversal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- bloofoxCMS/bloofoxCMSdescription
- Range: = 0.5.2.1
Patches
Vulnerability mechanics
References
1- github.com/alexlang24/bloofoxCMS/issues/7mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.