Unrated severityNVD Advisory· Published Nov 13, 2020· Updated Aug 4, 2024
CVE-2020-25538
CVE-2020-25538
Description
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CMSuno/CMSunodescription
- Range: <=1.6.2
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/161162/CMSUno-1.6.2-Remote-Code-Execution.htmlmitrex_refsource_MISC
- fatihhcelik.blogspot.com/2020/09/cmsuno-162-remote-code-execution_30.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.