CVE-2020-15227

Published
View on NVD ↗
CVSS v3
8.7
HIGH
CVSS v2
7.5
HIGH
Affected
3
PROJECTS

Description

Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.

nette/application
nette/application
🏆 Nette Application: a full-stack component-based MVC kernel for PHP that helps you write powerful and modern web applications. Write less, have cleaner code and your work will bring you joy.
PackagistPackagist
15.8M
nette/nette
nette/nette
👪 Nette Framework - innovative framework for fast and easy development of secured web applications in PHP (metapackage)
PackagistPackagist
2.82M
nette/application
nette/application
🏆 A full-stack component-based MVC kernel for PHP that helps you write powerful and modern web applications. Write less, have cleaner code and your work will bring you joy.
GitHubGitHub
450