9.2 High
AI Score
Confidence
High
0.079 Low
EPSS
Percentile
94.3%
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
packetstormsecurity.com/files/161208/Klog-Server-2.4.1-Command-Injection.html
docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection