Vulnerabilities

CVE-2020-24986

by Fred · 04/09/2020

Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. It is possible to modify site configuration to upload the PHP file and execute arbitrary commands.

Date published : 2020-09-04

https://hackerone.com/reports/768322

Similar

Tags: Cybersecurity Alert