6 matches found
CVE-2020-28872
An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/installation/register.php allows an unauthorized person to create valid credentials. Recent assessments: noraj at June 22, 2021 4:52pm UTC reported: This gives the ability to create an administrator account while...
CVE-2020-28871
Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload...
CVE-2020-28871
Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload...
Design/Logic Flaw
Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload...
CVE-2020-28871
Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload. Recent assessments: noraj at June 22, 2021 4:56pm UTC reported: The uploaded file must have an image magic byte eg. GIF in order to match...
CVE-2020-28871
Monitorr 1.7.6m (and 1.7.7d and below) is affected by an unauthenticated remote code execution due to an insecure file upload via upload.php. An attacker can upload a crafted PHP file to achieve RCE on the server; exploitation is discussed in public advisories and exploit references. Affected pro...