6 matches found
CVE-2020-18886
Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/uploadfiledo.php'...
Command injection
Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the "text color" field of the component '/admin/webconfig.php'...
Unrestricted file upload
Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/uploadfiledo.php'...
CVE-2020-18886
Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/uploadfiledo.php'...
CVE-2020-18886
CVE-2020-18886 affects PHPMyWind v5.6 and is caused by an Unrestricted File Upload in the admin/upload_file_do.php component. The provided documents indicate that remote attackers can execute arbitrary code due to this upload vulnerability. No mitigation or fixed version is stated in the connecte...
CVE-2020-18885
CVE-2020-18885 affects PHPMyWind v5.6, with a command injection vulnerability in the admin/web_config.php component that allows remote attackers to execute arbitrary code via the text color field. Multiple connected sources corroborate the flaw and its impact on remote code execution. Public deta...