CVE-2020-28688

HIGH

Artworks Gallery IN Php, Css, Javascr... - Unrestricted File Upload

Title source: rule

The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.

exploitdb WORKING POC

by Shahrukh Iqbal Mirza · textwebappsmultiple

CVSS v3 8.8

EPSS 0.1038

EPSS Percentile 93.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-434

Status published

Products (1)

artworks_gallery_in_php\,_css\,_javascript\,_and_mysql_project/artworks_gallery_in_php\,_css\,_javascript\,_and_mysql 1.0

Published Nov 17, 2020

Tracked Since Feb 18, 2026