9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-10806

CVE-2020-10806: eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type

eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2020-10806

CVE-2020-10806:

9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
ezsystems/ezpublish-kernel	composer	< 5.4.14.1	5.4.14.1
ezsystems/ezpublish-legacy	composer	< 5.4.14.1	5.4.14.1
ezsystems/ezpublish-kernel	composer	>= 6.0, < 6.13.6.2	6.13.6.2
ezsystems/ezpublish-kernel	composer	>= 7.0, < 7.5.6.2	7.5.6.2
ezsystems/ezpublish-legacy	composer	>= 2017, < 2017.12.7.2	2017.12.7.2
ezsystems/ezpublish-legacy	composer	>= 2019, < 2019.03.4.2	2019.03.4.2

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from missing file extension validation during uploads. The security patches introduced blacklist checks in both Kernel (via YAML config) and Legacy (via INI setting). The vulnerable functions are the core file upload handlers that processed user-supplied files without these checks. FileStorage::uploadContents in Kernel and eZContentUpload::handleUpload in Legacy would appear in profilers during exploitation as they directly handle file upload operations. The confidence is high as the advisory explicitly links the vulnerability to missing extension validation in file upload mechanisms.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2020-10806: eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type

CVE-2020-10806:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

9.8

9.8

CVE-2020-10806: eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI