MidnightBSD

Advisories for coscms

CVE-2013-1668 HIGH

The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
coscms coscms *
coscms coscms 1.3
coscms coscms 1.41