exploitDog

GHSA-2wx5-x3v9-h4fr

Опубликовано: 10 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

Ссылки

EPSS

Процентиль: 80%

0.01403

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2022-46610

CVSS3: 8.8

nvd

около 3 лет назад

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

EPSS

Процентиль: 80%

0.01403

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434