Full title: Typesetter CMS 5.1 Remote Code Execution Vulnerability Category: web applications Platform: php Typesetter version 5.1 is vulnerable to code execution via /index.php/Admin/Uploaded. An attacker can exploit this by uploading a zip that contains a malicious php file inside. After extracting the zip file containing the malicious php file, it is possible to execute commands on the target operation system. # 0day.today @ http://0day.today/