Security Advisory

CVE-2020-36973

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-28 17:35:12

Last updated 2026-01-28 21:12:47

Assigner VulnCheck

State PUBLISHED

Description

PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. Attackers can upload a .txt webshell, rename it to .php, and move it to accessible directories using double-encoded path traversal techniques.

← Browse all CVEs View on cve.org ↗