| Title | flusity-CMS Unrestricted Upload of File with Dangerous Type |
|---|
| Description | flusity-CMS is a content management system. There is not enough file filtering on the upload page, so any php file can be uploaded. Webshell can be uploaded to obtain server permissions.
## Affected version:
flusity-CMS
## Vendor:
https://github.com/flusity/flusity-CMS
## Software:
https://github.com/flusity/flusity-CMS
## Vulnerability File:
upload.php |
|---|
| Source | ⚠️ https://github.com/flusity/flusity-CMS/issues/4 |
|---|
| User | zihe (UID 56943) |
|---|
| Submission | 10/25/2023 14:30 (3 years ago) |
|---|
| Moderation | 10/26/2023 20:14 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 243643 [flusity CMS core/tools/upload.php handleFileUpload uploaded_file unrestricted upload] |
|---|
| Points | 18 |
|---|