CVE-2020-10806 — Unrestricted File Upload in Publish-kernel

CWE-434 — Unrestricted File Upload3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

2.8%

top 13.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

EZ Publish-kernel EZ Publish-legacy Ezsystems Ezpublish-kernel +1 more

Timeline

PublishedMar 22

Latest updateMay 24

Description

eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶NVDez/ez_publish-kernel6.0.0 — 6.13.6.2+2

▶NVDez/ez_publish-legacy2017.0 — 2017.12.7.2+2

▶Packagistezsystems/ezpublish-kernel6.0 — 6.13.6.2+2

▶Packagistezsystems/ezpublish-legacy2017 — 2017.12.7.2+2

🔴Vulnerability Details

OSV

eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type↗2022-05-24

▶

GHSA

eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type↗2022-05-24

▶