Arbitrary Command Execution in refbase Web Reference Database (CVE-2020-XXXX)

Arbitrary Command Execution in refbase Web Reference Database (CVE-2020-XXXX)

CVE-2015-6008 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.

Learn more about our Web App Pen Testing.