CVE-2020-25538

An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.
Configurations

Configuration 1

cpe:2.3:a:cmsuno_project:cmsuno:1.6.2:*:*:*:*:*:*:*

Information

Published : 2020-11-13 04:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-25538

Mitre link : CVE-2020-25538

Products Affected
No products.
CWE