exploitDog

GHSA-5hq2-6346-wf37

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.

Ссылки

EPSS

Процентиль: 96%

0.24232

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2014-9148

CVSS3: 9.8

nvd

больше 8 лет назад

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.

EPSS

Процентиль: 96%

0.24232

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-284