Submeter #645540: Siempre CMS 1.3.6 Unauthenticated File Upload Allows Server Floodinginformação

TítuloSiempre CMS 1.3.6 Unauthenticated File Upload Allows Server Flooding
DescriçãoAn attacker can upload files to arbitrary directories under ../media/, including hidden module directories. While uploaded files cannot be executed as PHP scripts in this setup, the vulnerability allows flooding a specific directory with large numbers of files, potentially exhausting disk space, degrading server performance, or causing denial-of-service conditions.
Fonte⚠️ https://github.com/drew-byte/SiempreCMS-File-Upload-Abuse/blob/main/README.md
Utilizador
 drewbyte (UID 89075)
Submissão01/09/2025 21h52 (há 9 meses)
Moderação08/09/2025 16h35 (7 days later)
EstadoAceite
Entrada VulDB323085 [SiempreCMS até 1.3.6 file_upload.php Elevação de Privilégios]
Pontos18

VoltarVisão GeralPróximo

Do you know our Splunk app?

Download it now for free!