Lucene search
K

CVE-2020-28687

🗓️ 17 Nov 2020 13:14:41Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 62 Views🌐 WEB

The edit profile in ARTWORKS GALLERY allows remote file upload

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Circl
CVE-2020-28687
17 Nov 202016:39
circl
CNNVD
Code Projects Artworks Gallery Code Issues Vulnerabilities
17 Nov 202000:00
cnnvd
Cvelist
CVE-2020-28687
17 Nov 202013:14
cvelist
Exploit DB
Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile
2 Dec 202000:00
exploitdb
NVD
CVE-2020-28687
17 Nov 202014:15
nvd
OSV
CVE-2020-28687
17 Nov 202014:15
osv
Packet Storm
Artworks Gallery 1.0 Shell Upload
16 Nov 202000:00
packetstorm
Prion
Design/Logic Flaw
17 Nov 202014:15
prion
RedhatCVE
CVE-2020-28687
22 May 202515:27
redhatcve
ParameterPositionPathDescriptionCWE
profile_picturepath/pictures/profile/<shell.php>Arbitrary file upload via edit profile allowing upload of a PHP shell and remote code execution.CWE-434

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 03:10Current
8.7High risk
Vulners AI Score8.7
CVSS 3.18.8
CVSS 29
EPSS0.11894
62