Arbitrary PHP Code Execution in HelpDEZk 1.1.1
CVE-2017-14146 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory.
Learn more about our User Device Pen Test.