CVE-2014-2089
CVE-2014-2089
ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/125350/ILIAS-4.4.1-Cross-Site-Scripting-Shell-Upload.htmlunverifiedexploitdbwww.exploit-db.com/exploits/31833unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →