CVE-2020-20698
First published: Fri Jul 30 2021(Updated: )
A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| S-cms S-cms | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-20698?
CVE-2020-20698 is a remote code execution (RCE) vulnerability in S-CMS PHP v3.0 that allows attackers to getshell by modifying a PHP file.
How severe is CVE-2020-20698?
CVE-2020-20698 has a severity of 7.2 (high).
Which software version is affected by CVE-2020-20698?
CVE-2020-20698 affects S-CMS PHP v3.0.
How can an attacker exploit CVE-2020-20698?
An attacker can exploit CVE-2020-20698 by modifying a PHP file in /1.com.php of S-CMS PHP v3.0 to execute remote code and gain unauthorized access.
Is there a fix for CVE-2020-20698?
A fix for CVE-2020-20698 may be provided by the vendor. It is recommended to update to the latest version of S-CMS PHP and follow any security advisories or patches.
- collector/nvd-index
- vendor/s-cms
- canonical/s-cms s-cms
- version/s-cms s-cms/3.0