Arbitrary PHP File Upload Vulnerability in nc-cms 3.5

Arbitrary PHP File Upload Vulnerability in nc-cms 3.5

CVE-2019-7721 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters.

Learn more about our Cms Pen Testing.