RSS   Podatności dla 'Dext5'   RSS

2020-06-07
 
CVE-2020-13894

CWE-276
 
 
handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.

 
2020-05-25
 
CVE-2020-13442

CWE-434
 
 
A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/.

 

 >>> Vendor: Dext5 4 Produkty
Upload
Dext5
Dext5upload
Dext5 editor

Copyright 2024, cxsecurity.com

 

Back to Top