Security Advisory

CVE-2023-53892

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-15 20:28:24

Last updated 2026-04-07 14:07:16

Assigner VulnCheck

State PUBLISHED

Description

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugins PHP file with a code parameter.

← Browse all CVEs View on cve.org ↗