CVE-2017-14050 in BlackCat CMS
Summary
In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file.
Reservation
08/30/2017
Disclosure
08/31/2017
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 106020 | BlackCat CMS install.php unrestricted upload | 434 | Not defined | Not defined | CVE-2017-14050 |