exploitDog

GHSA-7mc2-wwmp-gcxh

Опубликовано: 15 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set.

An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set.

Ссылки

EPSS

Процентиль: 60%

0.00401

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2021-39426

CVSS3: 9.8

nvd

около 3 лет назад

An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set.

EPSS

Процентиль: 60%

0.00401

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94