mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
836 B
836 B
CVE-2020-12854
Description
A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted JPEG file as part of the profile avatar.
POC
Reference
- http://packetstormsecurity.com/files/158434/SecZetta-NEProfile-3.3.11-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/158434/SecZetta-NEProfile-3.3.11-Remote-Code-Execution.html
Github
No PoCs found on GitHub currently.