CVE-2019-11062

Summary

The SUNNET WMPro v5.0 and v5.1 for eLearning system has OS Command Injection via "/teach/course/doajaxfileupload.php". The target server can be exploited without authentication.

Affected Software

VendorProductVersion RangeStatus
SUNNETWMPro5.0affected
SUNNETWMPro5.1affected

Weaknesses

  • CWE-78: CWE-78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References