Vulnerabilities (CVE)

Filtered by vendor Flexdotnetcms Project Subscribe
Filtered by product Flexdotnetcms
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27385 1 Flexdotnetcms Project 1 Flexdotnetcms 2024-02-28 5.5 MEDIUM 8.1 HIGH
Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote attacker to read and write to existing files outside the web root. The files can be accessed via directory traversal, i.e., by entering a .. (dot dot) path such as ..\..\..\..\..\<file> in the input field of the FileEditor. In FlexDotnetCMS before v1.5.8, it is also possible to access files by specifying the full path (e.g., C:\<file>). The files can then be edited via the FileEditor.
CVE-2020-27386 1 Flexdotnetcms Project 1 Flexdotnetcms 2024-02-28 6.5 MEDIUM 8.8 HIGH
An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using the FileEditor (in v1.5.8 and prior) or the FileManager's rename function (in v1.5.7 and prior) to rename the file to an executable extension (e.g., ASP), and finally executing the file via an HTTP GET request to /<path_to_file>.