CVE-2016-20052 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to th…
Critical CVSS: 9.3

CVE-2016-20052

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by accessing the uploaded file path to achieve remote code execution.
Vendor
-
Product
-
CWE
CWE-434
Yayın Tarihi
2026-04-04 14:16:17
Güncelleme
2026-04-04 14:16:17
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-434 CRITICAL 2026

Referanslar

https://www.exploit-db.com/exploits/40706 https://www.vulncheck.com/advisories/snews-cms-unrestricted-file-upload-via-snews-files