CVE-2020-37071
EUVD-2020-3101103.02.2026, 22:16
CraftCMS 3 vCard Plugin 1.0.0 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary PHP code through a crafted payload. Attackers can generate a malicious serialized payload that triggers remote code execution by exploiting the plugin's vCard download functionality with a specially crafted request.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.
Common Weakness Enumeration