CVE-2020-35131

CVE-2020-35131

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI.

Source: CVE-2020-35131

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다