exploitDog

GHSA-c493-5mp7-c24q

Опубликовано: 08 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.

Ссылки

EPSS

Процентиль: 31%

0.00115

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2024-24202

CVSS3: 9.8

nvd

почти 2 года назад

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.

EPSS

Процентиль: 31%

0.00115

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434