exploitDog

GHSA-25pp-8747-rm5j

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.

Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.

Ссылки

EPSS

Процентиль: 84%

0.02293

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

CWE-94

Связанные уязвимости

CVE-2019-12548

CVSS3: 8.8

nvd

больше 6 лет назад

Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.

EPSS

Процентиль: 84%

0.02293

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

CWE-94