Filtered by vendor Nedi
Subscribe
Search
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26753 | 1 Nedi | 1 Nedi | 2022-05-03 | 6.5 MEDIUM | 9.9 CRITICAL |
| NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data. | |||||