Main
Vulnerability Database
Exploits
ID:5790 - Exploit for Improper input validation - CVE-2018-7777
ID:5790 - Exploit for Improper input validation - CVE-2018-7777
Published: June 17, 2021
Vulnerability identifier: #VU11664
Vulnerability risk: High
CVE-ID: CVE-2018-7777
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
Link to public exploit:
Vulnerability description
The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The weakness exists due to insufficient handling of update_file request parameter on update_module.php. A remote attacker can send a specially crafted request to the target server and execute arbitrary code.
The weakness exists due to insufficient handling of update_file request parameter on update_module.php. A remote attacker can send a specially crafted request to the target server and execute arbitrary code.
Remediation
Install update from vendor's website.