Description
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.
Remediation
References
Related Vulnerabilities
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3963)
WordPress Plugin BulletProof Security Cross-Site Scripting (.47)
WebLogic CVE-2020-14841 Vulnerability (CVE-2020-14841)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.13)
Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8864)