HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory.
References
Link | Resource |
---|---|
https://github.com/M4ple/vulnerability/blob/master/helpdezk_file_upload/helpdezk_file_upload.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:39
Updated: 2022-10-03T16:23:39
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-14146
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-09-05T07:29:00.243
Modified: 2017-09-06T18:23:08.307
Link: CVE-2017-14146
JSON object: View
Redhat Information
No data.
CWE