Remote Code Execution in Frog CMS 0.9.5 via admin/?/plugin/file_manager Vulnerability

Remote Code Execution in Frog CMS 0.9.5 via admin/?/plugin/file_manager Vulnerability

CVE-2018-20775 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI.

Learn more about our Cms Pen Testing.