1. Unrestricted File Upload Vulnerability (CVE-2022-3771): The first vulnerability allows attackers to perform unrestricted file uploads through the function `Upload::file` in the `helpers/Upload.php` file of the File Upload Management component. Attackers can exploit this vulnerability remotely, potentially leading to unauthorized access, data manipulation, and disruption of the system’s availability. An exploit for this vulnerability is known, making it crucial for users to update their easyii CMS installations to a patched version.
2. Remote Code Execution (RCE) via File Upload: The second vulnerability was discovered in the same `getFileName` function within `helpers/Upload.php`. This vulnerability allows an attacker to manipulate the uploaded filename and append a malicious file extension, such as “.php.” If the application fails to properly validate the file type and blindly concatenates the extension, the uploaded file could be executed as PHP code by the web server. This results in potential RCE, giving the attacker full control over the system.
