Friday, November 13, 2020
CVE-2020-25538
nist.gov
In: nist.gov
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server. CVE-2020-25538