Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://kooboo.com | |
https://github.com/l00neyhacker/CVE-2021-36581/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-14T11:40:03
Updated: 2024-08-04T01:01:57.808Z
Reserved: 2021-07-12T00:00:00
Link: CVE-2021-36581
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-09-14T12:15:09.847
Modified: 2021-09-24T12:57:21.383
Link: CVE-2021-36581
Redhat
No data.