VYPR
Unrated severityNVD Advisory· Published Oct 11, 2021· Updated Aug 4, 2024

CVE-2021-40188

CVE-2021-40188

Description

PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as ".php, .php7, .phtml, .php5, ...". An attacker can upload a malicious file and execute code on the server.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.