3 matches found
CVE-2020-20588
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...
CVE-2020-20588
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...
CVE-2020-20588
CVE-2020-20588 affects zhimengzhe iBarn 1.5 via a file upload vulnerability in the upload function of action/Core.class.php, allowing remote code execution through avatar uploads to index.php. The NVD/NIST entry scores it CVSS 3.1 Base Score 8.8 (High) with network access, low attack complexity, ...