Key Information Vulnerability Overview Vulnerability Name: MaxSite CMS v109 File Write Vulnerability Affected Versions: MaxSite CMS v109 Vulnerability Type: File Write Vulnerability Description MaxSite CMS v109 contains a file write vulnerability that can be exploited via the script. Impact Attackers can exploit this vulnerability to write arbitrary files on the server, potentially leading to remote code execution. By crafting specific requests, attackers can create or overwrite files on the target system. Exploitation Requirements Access to the script is required. Attackers must know the target system's specific paths and configurations. Mitigation Recommendations Upgrade MaxSite CMS to the latest version to include security patches. Review and harden file upload and processing functionalities to prevent unauthorized file write operations. Proof of Concept (PoC) Summary This vulnerability allows attackers to write arbitrary files on the server via the script, posing a serious security risk. It is recommended to upgrade to the latest version as soon as possible and implement appropriate security measures.