Description
Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE).
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-35622 Vulnerability (CVE-2021-35622)
WordPress Plugin Parsi Date Cross-Site Scripting (4.0.1)
WordPress Plugin Gigya-Social Infrastructure Unspecified Vulnerability (3.0.4)
MySQL CVE-2019-2914 Vulnerability (CVE-2019-2914)
WordPress Plugin Premmerce Permalink Manager for WooCommerce Local File Inclusion (2.3.10)