2 matches found
CVE-2020-5593
Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file...
CVE-2020-5593
Zenphoto shows a concrete code-injection vulnerability CVE-2020-5593 in versions prior to 1.5.7. An attacker can trigger arbitrary PHP code execution on the server by convincing a user to upload a specially crafted ZIP file; the issue stems from how the ZIP payload is processed. Affected product:...