Key Information Vulnerability Description Vulnerability Name: FeehiCMS up to 2.1.1 Index.php CreateBanner BannerForm[img] Unrestricted Upload Vulnerability ID: VDB-276070, CVE-2024-8295 Affected Versions: FeehiCMS up to 2.1.1 Affected File: /admin/index.php?r=banner%2Fbanner-create Vulnerability Type: Unrestricted Upload CWE Definition: CWE-434 Impact: Allows upload or transmission of dangerous file types that can be automatically processed. CVSS Meta Temp Score Score: 6.0 Current Exploit Price Price Range: $0-$5k CTI Interest Score Score: 0.70 Impact Impact Type: May affect confidentiality, integrity, and availability. Advisory Advisory Link: gitee.com Vulnerability ID: CVE-2024-8295 Exploit Difficulty: Easy Exploit Method: Remote Exploitation Public Disclosure: Publicly disclosed Technical Details: Known Public Exploit: Known CVE: T1608.002 MITRE ATT&CK: Assigned by MITRE ATT&CK project Remediation Recommendation: May require replacing affected components. Alternative Products: None Related Links Similar Entries: VDB-213788, VDB-215944, VDB-215945, VDB-215946 Summary This vulnerability is an unrestricted upload flaw affecting a specific file in FeehiCMS up to version 2.1.1. Exploiting this vulnerability allows attackers to upload dangerous file types, potentially impacting the confidentiality, integrity, and availability of the system. Affected users are advised to take remedial actions promptly, such as replacing affected components or adopting alternative products.