PT-2023-11812 · Unknown+1 · Trampgeek Jobe+1

Marlon

Publicado

2022-11-28

Atualizado

2024-05-17

CVE-2020-36642

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions trampgeek jobe versions 1.6.x and earlier

Description A critical issue affects the function run in sandbox of the file application/libraries/LanguageTask.php, leading to command injection.

Recommendations For trampgeek jobe versions 1.6.x and earlier, upgrade to version 1.7.0 to address this issue. As a temporary workaround, consider disabling the run in sandbox function until the patch is applied. Restrict access to the application/libraries/LanguageTask.php file to minimize the risk of exploitation.

Correção

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77

Identificadores relacionados

ALT-PU-2022-3224

ALT-PU-2024-1386

CVE-2020-36642

Produtos afetados

Alt Linux

Trampgeek Jobe

PT-2023-11812 · Unknown+1 · Trampgeek Jobe+1

CVE-2020-36642

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14