Описание
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-8518
- https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T
- https://lists.horde.org/archives/announce/2020/001285.html
- http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 6 лет назад
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
CVSS3: 9.8
nvd
почти 6 лет назад
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
CVSS3: 9.8
debian
почти 6 лет назад
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary P ...