CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-15524

CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/ URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://pastebin.com/vbx4JWQh
https://www.cszcms.com
https://pastebin.com/vbx4JWQh
https://www.cszcms.com

Products affected by CVE-2019-15524

Cszcms » Csz Cms » Version: 1.2.3

cpe:2.3:a:cszcms:csz_cms:1.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-15524

Products

Pricing

Contact Us