CVE-2021-41729

CRITICAL

9.1

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile35.05th

PublishedSep 30, 2021

Last ModifiedNov 21, 2024

Vulnerability Description

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php.

Affected Platforms (CPE)

📦

Baicloud Cms Project

Baicloud Cms

= 2.5.7

References & Advisories

🔗 https://github.com/meiko-S/BaiCloud-cms/issues/3

Related Vulnerabilities

CVE-2021-443028.8

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /u...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...