Unrestricted File Upload Vulnerability in Fernus Informatics LMS Allows OS Command Injection and SSI Injection

Unrestricted File Upload Vulnerability in Fernus Informatics LMS Allows OS Command Injection and SSI Injection

CVE-2023-1728 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS Command Injection, Server Side Include (SSI) Injection.This issue affects LMS: before 23.04.03.

Learn more about our Cis Benchmark Audit For Server Software.