2025-03-31 04:54:03
jpcert
PUBLISHED
Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server.