CVE-2016-20052 in Snews CMSinformação

Sumário (Inglês)

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by accessing the uploaded file path to achieve remote code execution.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsável

VulnCheck

Reservar

04/04/2026

Divulgação

04/04/2026

Estado

Confirmado

Inscrições

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadeCWEExpConCVE
355352Snews CMS Elevação de Privilégios434Prova de conceitoNão definidoCVE-2016-20052

Descrição

CPE

CWE

CVSS

Explorações

História

Diferença

Relacionar

Inteligência de ameaças

API JSON

API XML

API CSV

Fontes

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!