exploitDog

GHSA-9vp3-p6fp-p88f

Опубликовано: 15 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.

Ссылки

EPSS

Процентиль: 74%

0.00819

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2020-20588

CVSS3: 8.8

nvd

около 3 лет назад

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.

EPSS

Процентиль: 74%

0.00819

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434