A vulnerability classified as very critical was found in fogproject 1.5.9/1.5.10/1.5.10.15. Affected by this vulnerability is an unknown functionality in the library packages/web/lib/fog/reportmaker.class.php. The manipulation of the argument filename leads to command injection.
This vulnerability is known as CVE-2024-39914. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.