CVE-2019-9002

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
7.5
HIGH
Affected
2
PROJECTS

Description

An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config-setup.php allows remote attackers to execute arbitrary PHP code via the database_host parameter if the installer remains present in its original directory after installation is completed.

pixeline/bugs
pixeline/bugs
Simple Issue Tracking for Teams. Built in Laravel 3 (php/mysql)
GitHubGitHub
87
mikelbring/tinyissue
mikelbring/tinyissue
Simple Issue Tracking for Teams
GitHubGitHub
761