Unrestricted File Upload Vulnerability in BlackCat CMS 1.2.2
CVE-2017-14399 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php.
Learn more about our Cms Pen Testing.