Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits  – The Hacker News

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
“When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The  –

Read More  – The Hacker News