ProcessMaker.Open.Source.Authenticated.Code.Execution
Description
This indicates an attack attempt to exploit a Code Execution Vulnerability in ProcessMaker.
The vulnerability is due to an input validation error in a variable in the vulnerable PHP script. A remote attacker could exploit this to execute arbitrary code execution within the context of the application, via a crafted HTTP request.
Affected Products
ProcessMaker v 2.0.45 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's website for suggested workaround.
http://bugs.processmaker.com/view.php?id=13436
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |