Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-07-09T20:00:00Z
Updated: 2024-09-16T18:54:01.434Z
Reserved: 2018-07-09T00:00:00Z
Link: CVE-2018-1000619
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-07-09T20:29:00.673
Modified: 2018-09-11T17:05:39.927
Link: CVE-2018-1000619
Redhat
No data.