Engel & Völkers Technology GmbH: Remote Code Execution (RCE) at "juid" parameter in /get_zip.php (printshop.engelvoelkers.com)
Summary Taking advantage of the vulnerability reported in 914194, it has been possible to analyze certain application code and detect remote code execution at https://printshop.engelvoelkers.com/getzip.php?juid=1 due to a lack of sanitization of the inputs received by the web application. This...