exploitDog

GHSA-3xh3-2jvh-x9rr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.

SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.

Ссылки

EPSS

Процентиль: 97%

0.33292

Средний

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2019-12744

CVSS3: 7.5

nvd

больше 6 лет назад

SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.

EPSS

Процентиль: 97%

0.33292

Средний

CVE ID

Дефекты

CWE-434