exploitDog

GHSA-c5p2-96pj-wg95

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add.

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add.

Ссылки

EPSS

Процентиль: 85%

0.02516

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2018-8766

CVSS3: 9.8

nvd

почти 8 лет назад

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add.

EPSS

Процентиль: 85%

0.02516

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434