CVE-2022-50898 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attac…
High CVSS: 8.6

CVE-2022-50898

NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper input sanitization.
Vendor
Kalyan02
Product
Nanocms
CWE
CWE-434
Yayın Tarihi
2026-01-13 23:15:51
Güncelleme
2026-01-29 14:16:11
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-434 Nanocms HIGH Kalyan02 2026

Referanslar

https://github.com/ishell/Exploits-Archives/blob/master/2009-exploits/0904-exploits/nanocms-multi.txt https://github.com/kalyan02/NanoCMS https://www.exploit-db.com/exploits/50997 https://www.vulncheck.com/advisories/nanocms-remote-code-execution-rce-authenticated https://github.com/ishell/Exploits-Archives/blob/master/2009-exploits/0904-exploits/nanocms-multi.txt