Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:39 p.m.30 views

CVE-2020-10567

An issue was discovered in Responsive Filemanager through 9.14.0. In the ajaxcalls.php file in the saveimg action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF...

9.8CVSS7.2AI score0.1929EPSS
Exploits5References1
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.506 views

ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)

Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Date: 03/06/2023 Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions Tested on: Linux CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager"...

9.8CVSS7.4AI score0.1929EPSS
Exploits5
0day.today
0day.today
added 2023/03/07 12:0 a.m.409 views

ZwiiCMS 12.2.04 Remote Code Execution Exploit

Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager" 9.14.0 for its file manager feature...

9.8CVSS9.7AI score0.1929EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/07 12:0 a.m.451 views

ZwiiCMS 12.2.04 Remote Code Execution

Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Date: 03/06/2023 Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager" 9.14.0 for its fil...

9.8CVSS9.7AI score0.1929EPSS
Exploits5
CVE
CVE
added 2020/03/14 12:0 a.m.167 views

CVE-2020-10567

CVE-2020-10567 affects Responsive Filemanager up to version 9.14.0. The vulnerability is in ajax_calls.php, case 'save_img', where the name parameter’s extension is not validated. An attacker (often authenticated in affected apps like ZwiiCMS) can craft a JPEG with malicious EXIF data and a .php ...

9.8CVSS9.5AI score0.1929EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder