CVE-2019-20453

Published: Mar 17, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise before 8.2.4. A PHP object injection is present in the page plugins/uploader.http/HttpDownload.php. An authenticated user with basic privileges can inject objects and achieve remote code execution.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://pydio.com/en/community/releases/pydio-core/pydio-core-pydio-enterprise-824-security-release

x_refsource_MISC

https://www.certilience.fr/2020/03/cve-2019-20453-vulnerabilite-php-object-injection-pydio-core/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-20453

Description

Affected Products

References