{"id":"CVE-2020-10567","details":"An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF data, and the .php extension is used in the name parameter. (A potential fast patch is to disable the save_img action in the config file.)","modified":"2026-03-14T09:47:52.291082Z","published":"2020-03-14T14:15:11.310Z","references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/171280/ZwiiCMS-12.2.04-Remote-Code-Execution.html"},{"type":"EVIDENCE","url":"https://github.com/trippo/ResponsiveFilemanager/issues/600"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/trippo/responsivefilemanager","events":[{"introduced":"0"},{"last_affected":"d5572d2c645c9eebf0a9fcb9f3e6d23722d454f4"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"9.14.0"}]}}],"versions":["9.9","9.9.1","9.9.2","9.9.4","v.9.10.1","v9.10.0","v9.10.1","v9.10.2","v9.11.0","v9.11.3","v9.12.0","v9.12.1","v9.12.2","v9.13.0","v9.13.1","v9.13.3","v9.13.4","v9.14.0","v9.9.3","v9.9.4","v9.9.5","v9.9.6","v9.9.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10567.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}