Unrated severityNVD Advisory· Published Mar 23, 2020· Updated Aug 4, 2024
CVE-2020-7935
CVE-2020-7935
Description
Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. An attacker can create a (or use an existing) directory that is externally accessible to store PHP files. The filename and the exact path is known by the attacker, so it is possible to execute PHP code in the context of the application. The vulnerability is exploitable only with Administrator access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Artica/Pandora FMSdescription
- Range: <=7.42
Patches
Vulnerability mechanics
References
1- k4m1ll0.com/cve-2020-7935.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.