One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 2406959 |
| Date de publication | 2021-02-26 23:15:11 (vue: 2021-02-27 02:05:51) |
| Titre | CVE-2020-36079 |
| Texte | Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server's uploaded/ directory. |
| Envoyé | Oui |
| Condensat | 2020 36079 affected arbitrary attacker authenticated box can check code cve directory drag drop elfinder example execution file files leading must navigate php place plugin portion remote server then through upload uploaded/ uploader zenphoto |
| Tags | Guideline |
| Stories | APT 33 |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.