CVE-2020-24986

Published: 2020-09-04T20:15Z

Last Modified: 2024-11-21T05:16Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. It is possible to modify site configuration to upload the PHP file and execute arbitrary commands. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt