CVE-2018-20775

Severity CVSS v4.0:
Pending analysis
Type:
CWE-94 Code Injection
Publication date:
11/02/2019
Last modified:
11/02/2019

Description

admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:frog_cms_project:frog_cms:0.9.5:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools