Skip to main content

Image Uploader And Browser For Ckeditor

1 CVEs product

Monthly

CVE-2019-19502 CRITICAL PATCH Act Now

Code injection in pluginconfig.php in Image Uploader and Browser for CKEditor before 4.1.9 allows remote authenticated users to execute arbitrary PHP code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection PHP RCE Image Uploader And Browser For Ckeditor
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Code injection in pluginconfig.php in Image Uploader and Browser for CKEditor before 4.1.9 allows remote authenticated users to execute arbitrary PHP code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection PHP RCE +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy