1 results (0.010 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-11807
https://notcve.org/view.php?id=CVE-2020-11807
19 May 2020 — Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path. Debido a una Carga Sin Restricciones de un archivo con un Dangerous Type, Sourcefabric Newscoop versión 4.4.7, permite a un usuario autenticado ejecutar código PHP arbitrario (y, a veces, comandos de terminal) en un servidor al r... • https://gist.github.com/V-Rico/82e9e52ac451dc20eef87b0999b3b1ee • CWE-434: Unrestricted Upload of File with Dangerous Type •