exploitDog

GHSA-3436-jvhw-jv5c

Опубликовано: 29 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component.

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component.

Ссылки

EPSS

Процентиль: 98%

0.56013

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2024-25869

CVSS3: 8.8

nvd

почти 2 года назад

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component.

EPSS

Процентиль: 98%

0.56013

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434