Vulnerabilities > CVE-2021-46433 - Unspecified vulnerability in Fenom Project Fenom
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |