← voltar
CVE-2020-22249

CVE-2020-22249

EPSS 2.9%
Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the remote code execution
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://drive.google.com/open?id=1znDU4fDKA_seg16mJLLtgaaFfvmf-mS6