vendor:
BoidCMS
by:
1337kid
7.1
CVSS
HIGH
authenticated file upload vulnerability
CWE
Product Name: BoidCMS
Affected Version From: <= 2.0.0
Affected Version To: 2.0.0
Patch Exists: NO
Related CWE: CVE-2023-38836
CPE:
Platforms Tested: Ubuntu
2023
BoidCMS v2.0.0 – authenticated file upload vulnerability
This exploit allows an attacker to upload a malicious file to the BoidCMS version 2.0.0 or below, leading to remote code execution. The vulnerability is identified by CVE-2023-38836.
Mitigation:
Update BoidCMS to a version that is not vulnerable.
