RSS   Vulnerabilities for 'Fat-free framework'   RSS

2020-03-11
 
CVE-2020-5203

CWE-74
 

 
In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method.

 


Copyright 2024, cxsecurity.com

 

Back to Top