{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T08:15:20.669","vulnerabilities":[{"cve":{"id":"CVE-2020-27386","sourceIdentifier":"cve@mitre.org","published":"2020-11-12T19:15:15.207","lastModified":"2024-11-21T05:21:08.363","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using the FileEditor (in v1.5.8 and prior) or the FileManager's rename function (in v1.5.7 and prior) to rename the file to an executable extension (e.g., ASP), and finally executing the file via an HTTP GET request to /<path_to_file>."},{"lang":"es","value":"Un problema de carga de archivos sin restricciones en FlexDotnetCMS versiones anteriores a v1.5.9, permite a un atacante remoto autenticado cargar y ejecutar archivos arbitrarios utilizando FileManager para cargar código malicioso (por ejemplo, código ASP) en forma de un tipo de archivo seguro (por ejemplo, un archivo TXT), y luego usar FileEditor (en versiones v1.5.8 y anteriores) o la función de cambio de nombre del FileManager (en versiones v1.5.7 y anteriores) para cambiar el nombre del archivo a una extensión ejecutable (por ejemplo, ASP), y finalmente ejecutar el archivo por medio de una petición HTTP GET hacia /(path_to_file)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:flexdotnetcms_project:flexdotnetcms:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.9","matchCriteriaId":"7A001B50-2AB2-41AF-ADAD-124BDD526B7E"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160411/FlexDotnetCMS-1.5.8-Arbitrary-ASP-File-Upload.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blog.vonahi.io/whats-in-a-re-name/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MacdonaldRobinson/FlexDotnetCMS/releases/tag/v1.5.9","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/rapid7/metasploit-framework/pull/14339","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/160411/FlexDotnetCMS-1.5.8-Arbitrary-ASP-File-Upload.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blog.vonahi.io/whats-in-a-re-name/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MacdonaldRobinson/FlexDotnetCMS/releases/tag/v1.5.9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/rapid7/metasploit-framework/pull/14339","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}}]}