VYPR
Unrated severityNVD Advisory· Published Aug 24, 2021· Updated Aug 4, 2024

CVE-2020-18917

CVE-2020-18917

Description

The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.