Kooboo

kooboo

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Kooboo Cms

kooboo_cms

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-36582 1Kooboo 1Kooboo Cms Jun 17, 2026 Sep 14, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-...Show more In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.Show less
CVE-2021-36581 1Kooboo 1Kooboo Cms Jun 17, 2026 Sep 14, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the s...Show more Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-36582

1Kooboo

1Kooboo Cms

Jun 17, 2026

Sep 14, 2021

N/A· v4

9.8 CRITICAL· v3

10.0 HIGH· v2

In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-...Show more

CVE-2021-36581