exploitDog

GHSA-55g6-fxrw-j4pp

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.

Ссылки

EPSS

Процентиль: 91%

0.06862

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2017-11154

CVSS3: 7.2

nvd

больше 8 лет назад

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.

EPSS

Процентиль: 91%

0.06862

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434