CVE-2021-39608

Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.

Summary:

Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.

Reference Links(if available):

  • https://github.com/flatCore/flatCore-CMS/issues/52
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)