ChillyCMS Arbitrary File Upload Vulnerability Network Vulnerability

Summary

chillyCMS is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation other attacks are also possible. chillyCMS version 1.1.3 is vulnerable other versions may also be affected.

References

https://www.securityfocus.com/bid/43263

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P

Related Vulnerabilities

12Planet Chat Server one2planet.infolet.InfoServlet XSS
123 Flash Chat Multiple Security Vulnerabilities
APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
Apache Tomcat TroubleShooter Servlet Installed
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability

chillyCMS Arbitrary File Upload Vulnerability

Take action and discover your vulnerabilities