CVE-2020-37246 | Supsystic Backup 2.3.9 admin.php Download filename control (Exploit 49545)

A vulnerability classified as problematic was found in Supsystic Backup 2.3.9. This affects an unknown function of the file admin.php. The manipulation of the argument Download results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is known as CVE-2020-37246. Attacking locally is a requirement. Furthermore, an exploit is available.VulDB Recent EntriesRead More