Medium severity6.5NVD Advisory· Published Jan 28, 2026· Updated Apr 15, 2026
CVE-2020-36973
CVE-2020-36973
Description
PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. Attackers can upload a .txt webshell, rename it to .php, and move it to accessible directories using double-encoded path traversal techniques.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=1.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.