15 Oct 2019
Vulnérabilité CVE-2019-17613 CVE Vulnerability
qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attacker can access admin/index.php?lfj=jfadmin&action=addjf via CSRF, as demonstrated by a payload in the content parameter. (CVSS:0.0) (Last Update:2019-10-15)
Vulnerability Details : qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attacker can access admin/index.php?lfj=jfadmin&action=addjf via CSRF, as demonstrated by a payload in the content parameter. Publish Date : 2019-10-15 Last Update Date : 2019-10-15 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-17613
- References For CVE-2019-17613
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-17613There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |