CVE-2016-20052

CRITICAL

Snews CMS 1.7 Unrestricted File Upload via snews_files

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-20052. PoCs published by Amir.ght.

AI-analyzed exploit summary: This exploit demonstrates an arbitrary file upload vulnerability in Snews CMS 1.7, allowing an attacker to upload a malicious PHP file (shell.php) without proper file extension restrictions. The PoC includes a crafted multipart/form-data request to bypass upload filters and achieve remote code execution.

Description

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by accessing the uploaded file path to achieve remote code execution.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Amir.ght · text · webapps · php
https://www.exploit-db.com/exploits/40706


Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Snews CMS 1.7
Auth required
Prerequisites: admin access to the upload functionality
devstral-2 · analyzed Apr 07, 2026

References (2)

Core References
Exploit: ExploitDB-40706
https://www.exploit-db.com/exploits/40706
Third Party Advisory: VulnCheck Advisory: Snews CMS 1.7 Unrestricted File Upload via snews_files
https://www.vulncheck.com/advisories/snews-cms-unrestricted-file-upload-via-snews-files

Scores

CVSS v3 9.8
EPSS 0.0046
EPSS Percentile 64.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE CWE-434
Status published
Products (2)
snewscms/snews < 1.7
Snewscms/Snews CMS upload sheller 1.7
Published Apr 04, 2026
Tracked Since Apr 04, 2026