** DISPUTED ** Typesetter CMS 5.x... CVE-2020-25790

- AV AC AU C I A
发布: 2020-09-19
修订: 2020-11-30

** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用