Vulnerability CVE-2020-15227


Published: 2020-10-01

Description:
Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE.

Nette is a PHP/Composer MVC Framework.

See advisories in our WLB2 database:
Topic
Author
Date
High
Nette Plugins Remote Command Execution On Laravel
Mr.Fn4ticHz
03.10.2023

Type:

CWE-74

 References:
https://github.com/nette/application/security/advisories/GHSA-8gv3-3j7f-wg94
https://packagist.org/packages/nette/application
https://packagist.org/packages/nette/nette

Copyright 2024, cxsecurity.com

 

Back to Top