exploitDog

GHSA-38gx-pgpj-9cw5

Опубликовано: 11 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.

Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.

Ссылки

EPSS

Процентиль: 56%

0.00335

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-24609

CVSS3: 9.8

nvd

почти 4 года назад

Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates/template_manage.php, an attacker can write an arbitrary shell file.

EPSS

Процентиль: 56%

0.00335

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-863