CVE-2021-41729

CRITICAL

9.1

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile35.05th

Published2021年9月30日

Last Modified2024年11月21日

Vulnerability Description

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php.

Affected Platforms (CPE)

📦

Baicloud Cms Project

Baicloud Cms

= 2.5.7

References & Advisories

🔗 https://github.com/meiko-S/BaiCloud-cms/issues/3

相關漏洞威脅

CVE-2021-443028.8

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /u...

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2021-024810.0

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks ...

CVE-2021-224410.0

Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provide...