Описание
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6.5.13-1 |
| esm-apps/noble | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| noble | needs-triage | |
| oracular | ignored | end of life, was needs-triage |
| plucky | not-affected | 6.5.13-1 |
| questing | not-affected | 6.5.13-1 |
| upstream | released | 6.5.13-1 |
Показывать по
9.8 Critical
CVSS3
Связанные уязвимости
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.
An Eval Injection issue was discovered in Znuny through 7.1.3. A user ...
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.
Уязвимость веб-системы обработки заявок для служб поддержки клиентов, технической поддержки и управления ИТ-услугами Znuny, связанная с непринятием мер по нейтрализации инструкций в динамически исполняемом коде, позволяющая нарушителю повысить свои привилегии и выполнить произвольные команды
9.8 Critical
CVSS3