4 matches found
CVE-2023-5966
An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution...
CVE-2023-5966 Unrestricted Upload of File with Dangerous Type in EspoCRM
An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution...
CVE-2023-5966
CVE-2023-5966 affects EspoCRM 7.2.5. An authenticated privileged attacker can upload a specially crafted ZIP via the extension deployment form, leading to arbitrary PHP code execution on the EspoCRM server. The issue is tied to the vulnerability in EspoCRM’s deployment mechanism and is confirmed ...
CVE-2023-5966 Unrestricted Upload of File with Dangerous Type in EspoCRM
An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution...