Description
Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the component /rukovoditel/index.php?module=dashboard/ajax_request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sendit WP Newsletter 'id' Parameter SQL Injection (2.1.0)
WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9)
WordPress Plugin NextGEN Gallery-WordPress Gallery Arbitrary File Upload (2.1.10)
Joomla! Core Local File Inclusion (2.5.0 - 3.8.8)
WordPress Plugin Starfish Review Generation & Marketing for WordPress Security Bypass (2.0.0)