CuteNews 2.1.2 - CVE-2019-11447 Proof-Of-Concept
sadnews CuteNews 212 - CVE-2019-11447 Proof-Of-Concept POC by CRFSlick, discovered by AkkuS <Özkan Mustafa Akkuş> An issue was discovered in CutePHP CuteNews 212 An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to indexphp?mod=main&opt=personal There is no effective control