WWBN AVideo Remote Code Execution
Critical severity
GitHub Reviewed
Published
Apr 10, 2024
to the GitHub Advisory Database
•
Updated Aug 29, 2024
Description
Published by the National Vulnerability Database
Apr 10, 2024
Published to the GitHub Advisory Database
Apr 10, 2024
Reviewed
Aug 29, 2024
Last updated
Aug 29, 2024
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
References