VYPR

vuln-wbce

by Kbgsft

CVEs (1)

  • CVE-2019-17575HigOct 14, 2019
    risk 0.47cvss 7.2epss 0.01

    A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. (For example: place PHP code in a .jpg file, and then change the file's base…