Vulnerability Details CVE-2020-10948
Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An unauthenticated, remote attacker can exploit this via a series of crafted requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.181
EPSS Ranking 94.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-10948
-
cpe:2.3:a:alienform2_project:alienform2:2.0.2