CVE-2021-41729

CRITICAL

9.1

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile35.05th

Published2021年9月30日

Last Modified2024年11月21日

Vulnerability Description

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php.

Affected Platforms (CPE)

📦

Baicloud Cms Project

Baicloud Cms

= 2.5.7

References & Advisories

🔗 https://github.com/meiko-S/BaiCloud-cms/issues/3

相关漏洞威胁

CVE-2021-443028.8

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /u...

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.