CVE-2019-6289

CVE-2019-6289

uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.

Source: CVE-2019-6289

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다