Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-5965

Disclosure Date: November 30, 2023 (last updated February 25, 2025)
An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0