exploitDog

GHSA-5xj4-3cf7-r6mm

Опубликовано: 14 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.

Ссылки

EPSS

Процентиль: 12%

0.00039

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-598

Связанные уязвимости

CVE-2025-51651

CVSS3: 5.5

nvd

7 месяцев назад

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.

EPSS

Процентиль: 12%

0.00039

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-598