Arbitrary PHP Code Execution via .htaccess File Upload in PivotX 2.3.11

Arbitrary PHP Code Execution via .htaccess File Upload in PivotX 2.3.11

CVE-2017-8402 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.

Learn more about our User Device Pen Test.