Vulnerabilities > CVE-2021-46433 - Unspecified vulnerability in Fenom Project Fenom
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
fenom-project
Summary
In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |