Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-26678

Disclosure Date: May 26, 2021 (last updated February 22, 2025)
vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious PHP file on the server and gain code execution.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0