Security Advisory

CVE-2021-40188

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-11 18:41:31

Last updated 2024-08-04 02:27:31

Assigner mitre

State PUBLISHED

Description

PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as ".php, .php7, .phtml, .php5, ...". An attacker can upload a malicious file and execute code on the server.

← Browse all CVEs View on cve.org ↗