Description
An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.
Remediation
References
https://gitee.com/mingSoft/MCMS/issues/I56AID
Related Vulnerabilities
CVE-2020-28435 Vulnerability in npm package ffmpeg-sdk
CVE-2023-37899 Vulnerability in npm package @feathersjs/transport-commons
CVE-2016-10531 Vulnerability in npm package marked
CVE-2023-40037 Vulnerability in maven package org.apache.nifi:nifi-dbcp-service-api
CVE-2022-40084 Vulnerability in maven package org.opencrx:opencrx-core