How severe is CVE-2021-36532?

CVE-2021-36532 has a CVSS v3 score of 8.1 (HIGH).

CVE-2021-36532

Name: portfoliocms
Author: portfoliocms_project

8.1HIGH

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

Published: 2/3/2023Updated: 3/26/2025

Description

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

AI AnalysisPowered by AI

Affected Products

portfoliocms_projectportfoliocms

1.0.0

References

https://github.com/excellentoldtv/portfolioCMS-issues/issues/1
ExploitThird Party Advisory
https://github.com/excellentoldtv/portfolioCMS-issues/issues/1
ExploitThird Party Advisory