An issue exists in Concrete CMS up to and including 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
concretecms concrete cms |
Vulmon