← back
CVE-2018-1000619

CVE-2018-1000619

EPSS 2.3%
Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://drive.google.com/open?id=195h-LirGiIVKxioyusw3SvmLp8BljPxehttps://www.ovidentia.org/index.php?https://www.ovidentia.org/modules