Vtech · Vtecrm Vtenext · CVE-2020-10228
**Name of the Vulnerable Software and Affected Versions**
vtecrm vtenext version 19 CE
**Description**
A file upload issue allows authenticated users to upload files with a .pht extension, resulting in remote code execution.
**Recommendations**
For version 19 CE, restrict file uploads to prevent the upload of files with a .pht extension until a fix is available.