CVE-2020-5505

Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring in conjunction with "type":"application/x-php" to the /api/files/ URI...

CVE-2020-5505

Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring in conjunction with "type":"application/x-php" to the /api/files/ URI...

CVE-2020-5505

Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring in conjunction with "type":"application/x-php" to the /api/files/ URI...

CVE-2020-5505

CVE-2020-5505 affects Freelancy v1.0.0, enabling remote command execution via a crafted request to /api/files/ that injects a data:application/x-php;base64 substring in conjunction with

CVE-2020-5505

Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring in conjunction with "type":"application/x-php" to the /api/files/ URI...

Freelancy Remote Code Execution Vulnerability

Freelancy is a time tracking application for recording time spent on tasks that require billing clients by the hour. Freelancy suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code remotely, perform unauthorized operations, cause a denia...

Freelancy 1.0.0 Remote Code Execution

Exploit Title: Freelancy - Freelance Management App v1.0.0 - RCE Authenticated Arbitrary File Download Date: 03-01-2019 Exploit Author: Ismail Tasdelen Vendor Homepage: https://vaaip.com/ Software Link: https://codecanyon.net/item/freelancy-freelance-project-management-application/25288636...