← Back

Fatfreeframework

fatfreeframework

1 CVE • 1 product

Products (1)

Click to collapse
Toggle
Fat Free Framework
fat-free_framework
1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-5203
1Fatfreeframework
1Fat Free Framework
Nov 21, 2024
Mar 11, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method.