Monstra CMS 3.0.4 allows remote... CVE-2020-13384

- AV AC AU C I A
发布: 2020-05-22
修订: 2020-06-01

Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用