CVE-2020-10235

An issue was discovered in Froxlor before 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInstall.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:froxlor:froxlor:*:*:*:*:*:*:*:*

Information

Published : 2020-03-09 09:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-10235

Mitre link : CVE-2020-10235


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-116

Improper Encoding or Escaping of Output

Advertisement

dedicated server usa

Products Affected

froxlor

  • froxlor