Vulnerability Details CVE-2020-10386
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.179
EPSS Ranking 94.9%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- http://antoniocannito.it/?p=137#rce1
- http://packetstormsecurity.com/files/156757/PHPKB-Multi-Language-9-image-upload.php-Code-Execution.html
- https://antoniocannito.it/phpkb1#remote-code-execution-cve-2020-10386
- https://www.exploit-db.com/exploits/48221
- http://antoniocannito.it/?p=137#rce1
- http://packetstormsecurity.com/files/156757/PHPKB-Multi-Language-9-image-upload.php-Code-Execution.html
- https://antoniocannito.it/phpkb1#remote-code-execution-cve-2020-10386
- https://www.exploit-db.com/exploits/48221
Products affected by CVE-2020-10386
-
cpe:2.3:a:chadhaajay:phpkb:9.0