In Directus 7 API up to and including 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rangerstudio directus 7 api |