CVE-2020-19786

8.8 HIGH

📋 TL;DR

This vulnerability allows attackers to upload malicious PHP files through CSZ CMS's file upload functionality, leading to remote code execution. It affects all users running CSKaza CSZ CMS versions before 1.2.4. Attackers can take full control of affected web servers.

💻 Affected Systems

Products:
  • CSKaza CSZ CMS
Versions: v1.2.2 and earlier (fixed in v1.2.4)
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations with file upload functionality enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise allowing data theft, defacement, malware deployment, and lateral movement within the network.

🟠 Likely Case: Webshell installation leading to data exfiltration, credential harvesting, and use as an attack platform.

🟢 If Mitigated: Limited impact with proper file upload restrictions and web application firewalls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires file upload access but is straightforward once obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v1.2.4

Vendor Advisory: https://github.com/cskaza/cszcms/issues/20

Restart Required: No

Instructions:

1. Back up your database and files.
2. Download v1.2.4 from the official repository.
3. Replace all files except config.php and the uploads directory.
4. Run the database update if needed.

🔧 Temporary Workarounds

File Upload Restriction (all platforms)

Restrict file uploads to non-executable extensions and implement file type verification.

Web Application Firewall (all platforms)

Deploy WAF rules to block PHP file uploads and suspicious POST requests.

🧯 If You Can't Patch

  • Disable file upload functionality completely in CMS settings
  • Implement strict file extension whitelisting and store uploaded files outside web root

🔍 How to Verify

Check if Vulnerable:

Check CMS version in admin panel or via version.php file

Check Version:

grep -r 'CSZ CMS Version' /path/to/cszcms/

Alternatively, check the admin dashboard.

Verify Fix Applied:

Confirm the version is 1.2.4 or later, then test a file upload with a PHP extension and confirm that it is rejected.

📡 Detection & Monitoring

Log Indicators:

  • File uploads with .php extensions
  • Unusual POST requests to upload endpoints
  • Webshell access patterns

Network Indicators:

  • HTTP POST requests with PHP file content
  • Outbound connections from web server to unknown IPs

SIEM Query:

source="web_logs" (url="*upload*" AND file_extension="php") OR (user_agent="*curl*" AND method="POST")
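
The log indicators above can also be checked directly against web server access logs. The following Python is an added example, not code from the CSZ CMS project or the vendor advisory: it flags requests for PHP-type scripts under the upload directory and raises the severity when the same client previously POSTed to an upload endpoint. It assumes combined log format; the `/uploads/` directory, the `/admin/upload` endpoint and all sample log lines are constructed for illustration and must be adjusted to the actual installation.

```python
import re

# Constructed sample lines in combined log format; every path here is hypothetical.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2021:10:01:02 +0000] "POST /admin/upload HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2021:10:01:09 +0000] "GET /uploads/2021/avatar.PHP HTTP/1.1" 200 48 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [12/Mar/2021:10:02:00 +0000] "GET /uploads/2021/logo.png HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [12/Mar/2021:10:03:11 +0000] "GET /uploads/test.phtml HTTP/1.1" 404 196 "-" "Mozilla/5.0"',
    '192.0.2.15 - - [12/Mar/2021:10:05:40 +0000] "GET /uploads/old.php5?x=1 HTTP/1.1" 200 20 "-" "Mozilla/5.0"',
    '192.0.2.15 - - [12/Mar/2021:10:05:44 +0000] "GET /index.php HTTP/1.1" 200 7002 "-" "Mozilla/5.0"',
]

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) ')
# Extensions that PHP handlers commonly execute; matched case-insensitively.
SCRIPT_RE = re.compile(r'\.(php\d?|phtml|phar)$', re.IGNORECASE)
UPLOAD_DIR = "/uploads/"   # assumption: directory where the CMS stores uploaded files
UPLOAD_HINT = "upload"     # same substring the SIEM query above matches in the URL

def find_upload_script_hits(lines):
    """Return (severity, ip, timestamp, path) for script requests under UPLOAD_DIR."""
    uploaders = set()      # clients that have POSTed to an upload endpoint so far
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue       # skip lines that are not in combined log format
        path = m["url"].split("?", 1)[0]
        if m["method"] == "POST" and UPLOAD_HINT in path.lower():
            uploaders.add(m["ip"])
        if path.lower().startswith(UPLOAD_DIR) and SCRIPT_RE.search(path):
            if m["status"].startswith("2"):
                # The script was served: worst when the same client uploaded first.
                severity = "high" if m["ip"] in uploaders else "medium"
            else:
                severity = "low"   # probe for a script that was not served
            hits.append((severity, m["ip"], m["ts"], path))
    return hits

if __name__ == "__main__":
    for hit in find_upload_script_hits(SAMPLE_LOG):
        print(*hit)
```

A "medium" hit (a script served from the upload directory with no upload seen from that client) still deserves review, since the upload may have come from another address or predate the log window.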
