Arbitrary File Upload Vulnerability in Jizhicms v1.5 Allows Remote Code Execution via Crafted .jpg File

Arbitrary File Upload Vulnerability in Jizhicms v1.5 Allows Remote Code Execution via Crafted .jpg File

CVE-2020-21483 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file.

Learn more about our Cms Pen Testing.