1.2.3

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-26	CVE-2019-15524	Unrestricted Upload of File with Dangerous Type vulnerability in Cszcms CSZ CMS 1.2.3 CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/ URI. network low complexity cszcms CWE-434	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.