cvedb.io
CVE-2021-36581
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2021-09-14T12:15:09.847 · Last modified 2026-06-17T03:58:57.180

Summary

Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.

Affected products

kooboo — kooboo_cms

Does this affect you?

Add your gear to cvedb and we'll alert you only when kooboo ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.