CVE-2021-36532 Information

Description

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

Reference

https://github.com/excellentoldtv/portfolioCMS-issues/issues/1