Vulnerabilities

CVE-2016-10759

by Fred · 24/05/2019

The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads.

Date published : 2019-05-24

https://blog.ripstech.com/2016/precurio-remote-command-execution-via-xinha-plugin/

https://demo.ripstech.com/projects/precurio_2.1

Similar

Tags: Cybersecurity Alert