mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
734 B
734 B
CVE-2019-14768
Description
An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges.
POC
Reference
Github
No PoCs found on GitHub currently.