CVE-2020-5593

CVE-2020-5593

EPSS 1.2%

Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file.

Affected products

Zenphoto · Zenphoto

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jvn.jp/en/jp/JVN32252648/index.html https://www.zenphoto.org/news/zenphoto-1.5.7/