Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits,
Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.
The
,
Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.
The
, ,
https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html