exploitDog

GHSA-5h6w-56p3-f39c

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

Ссылки

EPSS

Процентиль: 80%

0.01364

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2017-7625

CVSS3: 9.8

nvd

почти 9 лет назад

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

EPSS

Процентиль: 80%

0.01364

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94