CVE-2020-29597

Critical

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated…

mitre·CWE-434·Published 2020-12-07

CVSS

9.8

EPSS

0.72

KEV

Exploits

cve.orgen

176 chars

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.

NVDen

176 chars

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.

IncomCMS versión 2.0 presenta una vulnerabilidad de carga de archivos no segura del archivo modules/uploader/showcase/script.php. Esta vulnerabilidad permite a atacantes no autenticados cargar archivos en el servidor

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H