CVE-2019-18204

Severity CVSS v4.0:
Pending analysis
Type:
CWE-434 Unrestricted Upload of File with Dangerous Type
Publication date:
30/10/2019
Last modified:
01/11/2019

Description

Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php files in order to achieve code execution.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:zucchetti:infobusiness:*:*:*:*:*:*:*:* 4.4.1 (including)