{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T23:55:29.457","vulnerabilities":[{"cve":{"id":"CVE-2021-28428","sourceIdentifier":"cve@mitre.org","published":"2022-04-05T16:15:11.880","lastModified":"2024-11-21T05:59:39.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed that the filter was bypassed via uploading an arbitrary .htaccess and *.hello files in order to execute PHP code to gain RCE."},{"lang":"es","value":"Una vulnerabilidad en la carga de archivos en HorizontCMS versiones anteriores a 1.0.0-beta.3, por medio de una carga de archivos .htaccess y *.hello usando la funcionalidad Media Files upload. La vulnerabilidad original en la carga de archivos (CVE-2020-27387) fue corregida al restringir las extensiones de PHP; sin embargo, confirmamos que el filtro fue evitado por medio de la carga de un archivo arbitrario .htaccess y *.hello para ejecutar código PHP y conseguir un 
RCE"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:-:*:*:*:*:*:*","matchCriteriaId":"0837AB3F-932A-464D-B078-041C1D167681"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha:*:*:*:*:*:*","matchCriteriaId":"819778BF-D6F0-41DE-ADF2-3BB80E05DD93"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha2:*:*:*:*:*:*","matchCriteriaId":"BDF18A37-08AC-4501-8C15-151DE7B44DED"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha3:*:*:*:*:*:*","matchCriteriaId":"E6F3AB6F-BD6E-4F8C-952F-AB55E11D7D23"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha4:*:*:*:*:*:*","matchCriteriaId":"C1817B54-40E9-4150-8A24-2023FD19BB43"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project
:horizontcms:1.0.0:alpha5:*:*:*:*:*:*","matchCriteriaId":"A6585D37-41CF-436A-A4AA-F91AE092D288"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha6:*:*:*:*:*:*","matchCriteriaId":"E496572C-0A79-4524-B544-E864FBFEDFD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha7:*:*:*:*:*:*","matchCriteriaId":"A7117177-3CD2-4BE9-982A-FBFEF60A7C23"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:alpha8:*:*:*:*:*:*","matchCriteriaId":"EB1E6057-C7F5-4D4F-B112-437C801DCCF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:beta:*:*:*:*:*:*","matchCriteriaId":"320BB8EF-D310-4420-9EA9-CA06DFA03DE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:horizontcms_project:horizontcms:1.0.0:beta2:*:*:*:*:*:*","matchCriteriaId":"9840814D-4A55-468B-8F55-EEEE82D7EA29"}]}]}],"references":[{"url":"https://github.com/ttimot24/HorizontCMS","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ttimot24/HorizontCMS/commit/9c4d6827cbe96decec6834d53660e14ab2bf8838","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/ttimot24/HorizontCMS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ttimot24/HorizontCMS/commit/9c4d6827cbe96decec6834d53660e14ab2bf8838","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}