CVE-2012-10050P2CRITICALCVSS 9.3PoC≤ 2.11.22025-08-08
CVE-2012-10050 [CRITICAL] CWE-434 CVE-2012-10050: CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_c
CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server
nvd