mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
742 B
742 B
CVE-2024-25414
Description
An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to execute arbitrary code via uploading a crafted Zip file.
POC
Reference
- https://github.com/capture0x/CSZ_CMS
- https://packetstormsecurity.com/files/175889/CSZ-CMS-1.3.0-Shell-Upload.html