First published: Thu Jul 18 2019(Updated: )
A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Flatcore Flatcore | <1.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE ID of this vulnerability is CVE-2019-13961.
The severity of CVE-2019-13961 is high with a severity value of 8.8.
CVE-2019-13961 affects flatCore versions before 1.5.
The impact of CVE-2019-13961 is the ability for attackers to upload arbitrary .php files via acp/core/files.upload-script.php.
Yes, you can find more information about CVE-2019-13961 on the flatCore GitHub repository: [link]