Westboy CicadasCMS Unrestricted File Upload Vulnerability

Vulnerability

A critical vulnerability allowing arbitrary file upload has been identified in Westboy CicadasCMS version 1.0. This issue resides within the JSP Parser component, specifically in the '/upload/' directory. The vulnerability arises from improper handling of the 'File' argument, which enables unrestricted file uploads. This flaw can be exploited remotely, potentially allowing the upload of malicious files that could be executed within the application's environment.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, including potentially malicious files that could be executed within the application's environment. This poses a significant risk, as it could be used to execute arbitrary code or disrupt normal application operations.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Westboy CicadasCMS Unrestricted File Upload Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating