How severe is CVE-2021-36532?

CVE-2021-36532 has a CVSS v3 score of 8.1 (HIGH).

CVE-2021-36532

Name: portfoliocms
Author: portfoliocms_project

8.1HIGH

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

Опубликовано: 2/3/2023Обновлено: 3/26/2025

Описание

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

ИИ-АнализНа базе ИИ

Затронутые продукты

portfoliocms_projectportfoliocms

1.0.0

Ссылки

https://github.com/excellentoldtv/portfolioCMS-issues/issues/1
ExploitThird Party Advisory
https://github.com/excellentoldtv/portfolioCMS-issues/issues/1
ExploitThird Party Advisory