← Back

Kooboo Cms

kooboo_cms

Vendor: Kooboo • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-36582
1Kooboo
1Kooboo Cms
Jun 17, 2026
Sep 14, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-...Show more
In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.Show less
CVE-2021-36581
1Kooboo
1Kooboo Cms
Jun 17, 2026
Sep 14, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the s...Show more
Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.Show less