2 matches found
CVE-2017-20064
Elefant CMS 1.3.12-RC contains a remote code-injection vulnerability in an unknown function of /designer/add/layout. The issue allows manipulation leading to code execution and is addressed by upgrading to version 1.3.13. Multiple connected sources corroborate the existence of the code-injection ...
CVE-2017-20064 Elefant CMS layout code injection
A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to...