COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-36581

CVE-2021-36581

Severity
critical
Source
NVD · cve
Published
2021-09-14
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-36581
⚡ RCE shame 50/100 rce

Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.

Players implicated

kooboo · vendorkooboo cms · product

Description

Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.

Sentiment · trusted sources

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.