← Back

Newsone Cms

newsone_cms

Vendor: Newsone Cms Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-21976
1Newsone Cms Project
1Newsone Cms
Jun 17, 2026
Aug 11, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands.