Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

NanoCMS Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in NanoCMS version 0.4. The page creation process does not validate or sanitize the submitted page content and writes it to a file with a .php extension in the server's pages directory. An authenticated user can therefore embed PHP code in a new page and have the server execute it when the page is requested. Because the content is stored as PHP source rather than as data, the missing input sanitization turns ordinary page editing into arbitrary code execution.

Impact

Successful exploitation allows any authenticated user to write PHP code into a page file and execute it on the server with the privileges of the web server process, resulting in remote code execution. Because the prerequisite is only an authenticated session, installations that still use the default admin credentials are exposed to unauthenticated attackers in practice.

Reproduction

To reproduce this vulnerability, log into the NanoCMS admin panel (the default credentials are admin/demo). Once logged in, use the page creation feature to create a new page whose content contains PHP code. The page is saved in the server's pages directory as a file with a .php extension, and the injected code runs when that page is requested. When checking an installation, look for page files in that directory whose contents include PHP that the administrator did not author, and confirm that the default credentials have been changed.
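The following PHP is an added illustration of the storage pattern the advisory describes and of a hardened alternative; it is not NanoCMS code and does not reproduce its actual handler. It assumes a "create page" handler that receives a page name and body from an authenticated admin form and a ./pages/ directory under the web root (both assumptions, not taken from the advisory). The vulnerable function writes the body verbatim into pages/<name>.php, which is exactly what lets a PHP payload run; the hardened functions store the body as JSON data under a validated name and escape it on output, so a body of `<?php system($_GET['c']); ?>` is displayed as text rather than executed.

```php
<?php
declare(strict_types=1);

// Added example, not NanoCMS code. Assumed layout: pages are kept in ./pages/
// relative to this script; $name and $content come from an admin form.

// VULNERABLE pattern (as described in the advisory): the page body is written
// unchanged into a .php file inside the web root. Any "<?php ... ?>" in the body
// is executed by the interpreter the next time pages/<name>.php is requested.
// $name is not validated either, so "../" sequences would escape the directory.
function save_page_vulnerable(string $name, string $content): string
{
    $path = __DIR__ . "/pages/$name.php";
    file_put_contents($path, $content);
    return $path;
}

// Page names are restricted to a conservative character set; this blocks path
// traversal and odd characters in both the save and render paths.
function assert_valid_page_name(string $name): void
{
    if (!preg_match('/\A[a-z0-9][a-z0-9_-]{0,63}\z/', $name)) {
        throw new InvalidArgumentException('invalid page name');
    }
}

// HARDENED: the body is stored as JSON data, never as PHP source, so the web
// server has nothing to execute no matter what the body contains.
function save_page_hardened(string $name, string $content): string
{
    assert_valid_page_name($name);
    $dir = __DIR__ . '/pages';
    if (!is_dir($dir) && !mkdir($dir, 0750, true)) {
        throw new RuntimeException('cannot create pages directory');
    }
    $path = "$dir/$name.json";
    $data = json_encode(['name' => $name, 'content' => $content], JSON_THROW_ON_ERROR);
    // LOCK_EX prevents two concurrent admin saves from interleaving partial writes.
    if (file_put_contents($path, $data, LOCK_EX) === false) {
        throw new RuntimeException('write failed');
    }
    return $path;
}

// Rendering decodes the stored data and HTML-escapes it, so a body containing
// "<?php" is shown literally in the browser instead of being parsed.
function render_page_hardened(string $name): string
{
    assert_valid_page_name($name);
    $raw = file_get_contents(__DIR__ . "/pages/$name.json");
    if ($raw === false) {
        throw new RuntimeException('page not found');
    }
    $page = json_decode($raw, true, 512, JSON_THROW_ON_ERROR);
    $safe = htmlspecialchars($page['content'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<article>' . $safe . '</article>';
}

// Demonstration with a constructed malicious body (sample payload, not from the
// advisory). Only the hardened path is exercised here; the vulnerable function is
// shown for comparison and deliberately not called.
$body = "<?php system(\$_GET['c']); ?>";
save_page_hardened('about', $body);
echo render_page_hardened('about'), PHP_EOL;
```

Storing the body as data is the fix that removes the code-execution primitive; validating the page name is separate defense in depth against traversal. If the pages directory must remain under the web root, additionally deny direct requests to it at the web server level so that stored data files cannot be fetched or misinterpreted, and change the default admin credentials, since the whole attack chain starts with an authenticated session.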

Added: Jan 13, 2026, 11:20 PM
Updated: Jan 13, 2026, 11:20 PM

Vulnerability Rating

Custom Algorithm

spread           0.0
impact          10.0
exploitability   6.5
remediation      0.0
relevance        2.0
threat           8.0
urgency          2.9
incentive        1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.