exploitDog

GHSA-7r64-4hhr-hq25

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcms\mod\mod.editor.php $_GET['file'] is filename,and as there is no filter function for security, you can read any file's content.

DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcms\mod\mod.editor.php $_GET['file'] is filename,and as there is no filter function for security, you can read any file's content.

Ссылки

EPSS

Процентиль: 50%

0.00271

Низкий

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2020-19890

CVSS3: 4.9

nvd

больше 5 лет назад

DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcms\mod\mod.editor.php $_GET['file'] is filename,and as there is no filter function for security, you can read any file's content.

EPSS

Процентиль: 50%

0.00271

Низкий

CVE ID

Дефекты

CWE-200