Security Advisory

CVE-2019-13980

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-19 14:18:08

Last updated 2024-08-05 00:05:44

Assigner mitre

State PUBLISHED

Description

In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx.

← Browse all CVEs View on cve.org ↗