CVE-2020-10964

Опубликовано: 25 мар. 2020

Источник: debian

EPSS Низкий

Описание

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
serendipity	removed			package

EPSS

Процентиль: 88%

0.03798

Низкий

Связанные уязвимости

CVE-2020-10964

CVSS3: 9.8

ubuntu

почти 6 лет назад

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

CVE-2020-10964

CVSS3: 9.8

nvd

почти 6 лет назад

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

GHSA-xjqm-3cpf-r6x4

github

больше 3 лет назад

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

EPSS

Процентиль: 88%

0.03798

Низкий