AI Score
Confidence
High
EPSS
Percentile
84.7%
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
secunia.com/advisories/28291
exchange.xforce.ibmcloud.com/vulnerabilities/39531
www.exploit-db.com/exploits/4861