CVE-2020-13384

Posted on by admin

CVE-2020-13384

Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.

Source: CVE-2020-13384

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다