Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
7DescriptionCVE.org
Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a Web Shell to a Web Server. This issue affects Flozen: from n/a through n/a.
AnalysisAI
Critical unrestricted file upload vulnerability in NasaTheme Flozen that allows unauthenticated remote attackers to upload and execute web shells on affected servers. This vulnerability affects all versions of Flozen and carries a CVSS score of 10.0 with no authentication or user interaction required. If actively exploited (KEV status pending verification), attackers can achieve complete system compromise including confidentiality breach, integrity violation, and availability disruption.
Technical ContextAI
This vulnerability exploits CWE-434 (Unrestricted Upload of File with Dangerous Type), a fundamental file upload validation flaw in the NasaTheme Flozen platform. The vulnerable component likely resides in the file upload handler that fails to properly validate file types, extensions, MIME types, or content before storing uploaded files in a web-accessible directory. The Flozen theme (likely a WordPress or similar CMS theme) lacks server-side validation to restrict dangerous file types (e.g., .php, .phtml, .jsp, .asp). An attacker can bypass client-side restrictions and upload executable code (web shell) to a location where the web server will interpret and execute it as code rather than serve it as static content. This is compounded by the global CVSS vector (S:C) indicating the impact extends beyond the vulnerable component to the entire system.
RemediationAI
Immediate Actions: (1) Contact NasaTheme for available security patches immediately; vendor advisory/patch URL pending from official sources. (2) If patches unavailable, implement emergency server-side mitigation: disable file upload functionality or restrict uploads to non-executable directories with explicit no-execute (.htaccess or nginx rules). (3) Implement strict file type validation on server-side: whitelist allowed extensions (.jpg, .png, .pdf only), validate MIME types, and scan uploaded content with antivirus/YARA rules. (4) Move upload directory outside web root or disable script execution in upload directory via .htaccess (AddType text/plain .php .phtml .jsp .asp) or nginx configuration (disable php-fpm for uploads directory). (5) Audit server logs and uploaded files for evidence of exploitation; remove any suspicious .php or executable files. (6) Implement Web Application Firewall (WAF) rules to block POST requests with suspicious payloads to upload endpoints. (7) Monitor Flozen GitHub repository and NasaTheme advisory channels for patch release; apply immediately upon availability.
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-28281