Vulnerability Details CVE-2020-21356
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2020-21356
-
cpe:2.3:a:popojicms:popojicms:1.2