tribalsystems/zenario is vulnerable to remote code execution. It is possible for a remote attacker to upload and execute malicious code on the system via the vulnerable handlePluginAJAX
function in module_code.php
which resides inside User Form
module, when the file upload is enabled.
CPE | Name | Operator | Version |
---|---|---|---|
tribalsystems/zenario | le | 9.3.57186 | |
tribalsystems/zenario | le | 9.3.57186 |