Main Vulnerability Database Exploits ID:4689 - Exploit for Code injection in Nette - CVE-2020-15227

ID:4689 - Exploit for Code injection in Nette - CVE-2020-15227

Published: October 10, 2020

Vulnerability identifier: #VU47491

Vulnerability risk: High

CVE-ID: CVE-2020-15227

CWE-ID: CWE-74

Exploitation vector: Remote access

Vulnerable software:
Nette

Link to public exploit:

https://github.com/Langriklol/CVE-2020-15227

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper input validation in URL. A remote attacker can pass specially crafted data to the application and execute arbitrary PHP code on the server.

Remediation

Install updates from vendor's website.

ID:4689 - Exploit for Code injection in Nette - CVE-2020-15227

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human