← volver
CVE-2020-22249

CVE-2020-22249

EPSS 2.9%
Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the remote code execution
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://drive.google.com/open?id=1znDU4fDKA_seg16mJLLtgaaFfvmf-mS6