2022-03-18 22:25:21
mitre
PUBLISHED
Classcms v2.5 and below contains an arbitrary file upload via the component classclassupload. This vulnerability allows attackers to execute code injection via a crafted .txt file.