Full title: Typesetter CMS 5.1 Remote Code Execution Vulnerability 
Category: web applications
Platform: php
Typesetter version 5.1 is vulnerable to code execution via /index.php/Admin/Uploaded. An attacker can exploit this by uploading a zip that contains a malicious php file inside. After extracting the zip file containing the malicious php file, it is possible to execute commands on the target operation system.

# 0day.today @ http://0day.today/