CVE-2020-5505
Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring (in conjunction with "type":"application/x-php"} to the /api/files/ URI.
OS Command Injection
Vendor | Product | Version |
---|---|---|
vaaip | freelancy | 1.0.0 |
Common Weakness Enumeration