What the vulnerability does
Description
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic (blogmatic). This issue affects Blogmatic: from n/a through <= 1.0.3.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Explanation of Vulnerability in Simple Terms
Blogmatic versions 1.0.3 and earlier allow authenticated users to upload files without proper validation. An attacker with low-level access can upload malicious files to the server, potentially gaining control over the site. The vulnerability affects confidentiality, integrity, and availability of the affected system and potentially other connected systems.
What an attacker can do
Upload malicious files to the server and execute code or compromise the site.
Potential impact on your site
An authenticated user can upload and execute arbitrary files, leading to full site compromise.
Conditions required to exploit
Attacker must have a low-privilege user account on the site.
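A defender-side check for the condition described above, as an added example that is not part of the original advisory or the theme's code: it reads the installed theme's version from style.css, compares it with the affected range (<= 1.0.3), and lists files under the uploads tree that carry server-executable extensions. The standard WordPress layout (wp-content/themes/blogmatic, wp-content/uploads), the upload location and the extension list are assumptions; the advisory does not say where uploaded files land.

```python
import re
from pathlib import Path

LAST_AFFECTED = (1, 0, 3)  # from the advisory: affected through <= 1.0.3
# Assumption: extensions a PHP-enabled web server may execute.
EXECUTABLE_EXT = {".php", ".phtml", ".phar", ".php5", ".php7", ".pht"}


def parse_version(text):
    """Turn '1.0.3' into (1, 0, 3); non-numeric parts are ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def theme_version(wp_root, slug="blogmatic"):
    """Return the Version header from the theme's style.css, or None."""
    css = Path(wp_root) / "wp-content" / "themes" / slug / "style.css"
    if not css.is_file():
        return None
    header = css.read_text(errors="replace")
    m = re.search(r"^[ \t/*#@]*Version:\s*(\S+)", header, re.M | re.I)
    return m.group(1) if m else None


def is_affected(version):
    """True when an installed version falls in the advisory's range."""
    return version is not None and parse_version(version) <= LAST_AFFECTED


def suspicious_uploads(wp_root):
    """List files under wp-content/uploads with an executable extension."""
    uploads = Path(wp_root) / "wp-content" / "uploads"
    if not uploads.is_dir():
        return []
    return [str(f.relative_to(uploads)) for f in sorted(uploads.rglob("*"))
            if f.is_file() and f.suffix.lower() in EXECUTABLE_EXT]


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    v = theme_version(root)
    print(f"blogmatic version: {v or 'not installed'}; affected: {is_affected(v)}")
    for hit in suspicious_uploads(root):
        print("review:", hit)
```

Run it with the WordPress root directory as the only argument; any listed file should be reviewed together with the account that uploaded it.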