Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9gfm-wp7r-h4wp

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPlugins[sanitizer_plugins][] parameter.

Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPlugins[sanitizer_plugins][] parameter.

Ссылки

EPSS

Процентиль: 86%
0.02741
Низкий

CVE ID

CVE-2012-0987

Дефекты

CWE-22

Связанные уязвимости

nvd логотип

CVE-2012-0987

nvd
больше 13 лет назад

Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPlugins[sanitizer_plugins][] parameter.

EPSS

Процентиль: 86%
0.02741
Низкий

CVE ID

CVE-2012-0987

Дефекты

CWE-22