Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path.
To exploit the vulnerability, an account must be registered on the Newscoop website. A user can upload a new avatar to their profile with an arbitrary extension (for example *.php) and then access the uploaded file under a predictable name at the /images/*filename* path on the web server.
https://nvd.nist.gov/vuln/detail/CVE-2020-11807
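The weakness described above has three parts: the extension comes from the client, the content is never checked, and the stored name is predictable. The following is an added example of an avatar-upload handler that closes all three; it is not Newscoop's code and does not describe how Newscoop fixed the issue. It assumes PHP 8 with the fileinfo and GD extensions, that the upload arrives in `$_FILES['avatar']`, and that `AVATAR_DIR` is a directory served as static files only.

```php
<?php
// Added example (not Newscoop's code): hardened avatar upload handling.
// Assumptions: PHP 8, ext-fileinfo and ext-gd available, AVATAR_DIR is
// writable by PHP and served by the web server without script execution.

declare(strict_types=1);

const AVATAR_DIR = __DIR__ . '/public/avatars'; // assumed location
const MAX_BYTES  = 2 * 1024 * 1024;             // assumed size limit

// Allowlist keyed by the MIME type detected from the file's bytes, mapped to
// the extension the server assigns. The client's filename is never consulted.
const ALLOWED_TYPES = [
    'image/png'  => 'png',
    'image/jpeg' => 'jpg',
    'image/gif'  => 'gif',
];

/**
 * Validate an uploaded avatar, re-encode it, and store it under a random
 * server-chosen name. Returns the stored path or throws on any failure.
 */
function storeAvatar(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    // Reject paths that did not come through PHP's upload mechanism.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if (($file['size'] ?? 0) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }

    // Decide the type from the bytes, not from the name or the client's Content-Type.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if ($mime === false || !isset(ALLOWED_TYPES[$mime])) {
        throw new RuntimeException('unsupported image type');
    }

    // Require that the file actually decodes as an image of that type.
    $info = getimagesize($file['tmp_name']);
    if ($info === false || $info['mime'] !== $mime) {
        throw new RuntimeException('file is not a valid image');
    }

    // Re-encode through GD so that anything appended to or embedded in an
    // otherwise valid image (comments, trailing data) is not written to disk.
    $img = imagecreatefromstring((string) file_get_contents($file['tmp_name']));
    if ($img === false) {
        throw new RuntimeException('image could not be decoded');
    }

    // Random, unguessable name with an extension chosen by the server.
    $ext  = ALLOWED_TYPES[$mime];
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = AVATAR_DIR . '/' . $name;

    $ok = match ($ext) {
        'png' => imagepng($img, $dest),
        'jpg' => imagejpeg($img, $dest, 85),
        'gif' => imagegif($img, $dest),
    };
    imagedestroy($img);

    if (!$ok) {
        throw new RuntimeException('could not write avatar');
    }
    return $dest;
}

// Usage from the profile-update handler (field name is an assumption):
// $path = storeAvatar($_FILES['avatar']);
```

The validation alone is not enough; the directory that holds avatars should also be configured so the web server never hands files there to the PHP interpreter (for Apache, `php_flag engine off` in that directory's configuration; for nginx, no `fastcgi_pass` location matching that path). With that in place, even a file that slips past the checks is served as static bytes rather than executed.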