What the vulnerability does
01Description
Unrestricted Upload of File with Dangerous Type vulnerability in CMSSuperHeroes Clanora clanora allows Using Malicious Files.This issue affects Clanora: from n/a through < 1.3.1.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
What the vulnerability does
Unrestricted Upload of File with Dangerous Type vulnerability in CMSSuperHeroes Clanora clanora allows Using Malicious Files.This issue affects Clanora: from n/a through < 1.3.1.
Explanation of Vulnerability in Simple Terms
Clanora versions 1.3.1 and earlier allow unauthenticated attackers to upload files without restriction. An attacker can upload malicious files to the server over the network without needing credentials or user interaction. This can lead to remote code execution, data theft, or site takeover depending on where uploaded files are stored and executed.
What an attacker can do
Upload malicious files to the server and potentially execute code or compromise the site.
Potential impact on your site
Attackers can upload and execute malicious code, steal data, or take over the site without any credentials.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources