Atutor: >> Acontent >> 1.4 Security Vulnerabilities
An issue was discovered in AContent through 1.4. It allows the user to run commands on the server with a low-privileged account. The upload section in the file manager page contains an arbitrary file upload vulnerability via upload.php. The extension .php7 bypasses file upload restrictions.
CVSS Score
8.8
EPSS Score
0.004
Published
2020-03-16