RSS   Vulnerabilities for 'Pligg'   RSS

2020-09-13
 
CVE-2020-25287

CWE-434
 

 
Pligg 2.0.3 allows remote authenticated users to execute arbitrary commands because the template editor can edit any file, as demonstrated by an admin/admin_editor.php the_file=..%2Findex.php&open=Open request.

 


Copyright 2024, cxsecurity.com

 

Back to Top