CVE-2021-42675

CVE-2021-42675

EPSS 3.0%

Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://kreado.com http://kreasfero.com https://twitter.com/1ofThegutHakrs/status/1536246485188128768