← Back

CVE-2021-28428

nvd nist
Published: Apr 5, 2022Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed that the filter was bypassed via uploading an arbitrary .htaccess and *.hello files in order to execute PHP code to gain RCE.

Affected (11)

Horizontcms Project
1 product
Horizontcms
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Horizontcms
Version 1.0.0
Horizontcms
Version 1.0.0 alpha2
Horizontcms
Version 1.0.0 alpha3
Horizontcms
Version 1.0.0 alpha4
Horizontcms
Version 1.0.0 alpha5
Horizontcms
Version 1.0.0 alpha6
Horizontcms
Version 1.0.0 alpha7
Horizontcms
Version 1.0.0 alpha8
Horizontcms
Version 1.0.0 alpha
Horizontcms
Version 1.0.0 beta2
Horizontcms
Version 1.0.0 beta

Related CWEs

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

Source: cve@mitre.org
Product
Source: cve@mitre.org
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Product
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory

Timeline

No history available yet.