{"uuid": "b5a3cba4-fbc2-4da9-bcf4-f0812330da08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28165", "type": "seen", "source": "https://t.me/cibsecurity/27216", "content": "\u203c CVE-2020-28165 \u203c\n\nThe EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-12T16:39:47.000000Z"}