Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring (in conjunction with "type":"application/x-php"} to the /api/files/ URI.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T08:30:24.296Z
Reserved: 2020-01-05T00:00:00
Link: CVE-2020-5505

No data.

Status : Modified
Published: 2020-01-14T19:15:13.640
Modified: 2024-11-21T05:34:10.843
Link: CVE-2020-5505

No data.