Arbitrary File Download Vulnerability in jizhi CMS 1.9.5 PluginsController.php Component

CVE-2023-38948 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1.9.5 allows attackers to execute arbitrary code via downloading a crafted plugin.

Learn more about our Cms Pen Testing.