An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows malicious users to execute arbitrary code via uploading a crafted .txt file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
easycorp zentao max 4.10 |
||
easycorp zentao 18.10 |
||
easycorp zentao biz 8.10 |