CVE-2020-13887

CVE-2020-13887

EPSS 2.4%

documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://hidden-one.co.in/2020/06/17/cve-2020-13887-kordil-edms-through-2-2-60rc3-allows-remote-command-execution/https://sourceforge.net/projects/kordiledms/files/