Описание
juzawebCMS Injection vulnerability
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function.
Пакеты
Наименование
juzaweb/cms
composer
Затронутые версииВерсия исправления
<= 3.4
Отсутствует
Связанные уязвимости
CVSS3: 7.8
nvd
больше 2 лет назад
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function.