← back
CVE-2020-10389

CVE-2020-10389

EPSS 4.9%
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://antoniocannito.it/?p=137#rce2http://packetstormsecurity.com/files/156751/PHPKB-Multi-Language-9-Authenticated-Remote-Code-Execution.htmlhttps://antoniocannito.it/phpkb1#authenticated-remote-code-execution-cve-2020-10389https://www.exploit-db.com/exploits/48219