Description
An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.
Remediation
References
https://gitee.com/mingSoft/MCMS/issues/I56AID
Related Vulnerabilities
CVE-2021-23449 Vulnerability in npm package vm2
CVE-2018-3754 Vulnerability in npm package query-mysql
CVE-2021-37404 Vulnerability in maven package org.apache.hadoop:hadoop-common
CVE-2019-14862 Vulnerability in maven package org.webjars.bower:knockout
CVE-2023-46122 Vulnerability in maven package org.scala-sbt:sbt