exploitDog

GHSA-cjm4-49jq-wqqg

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Unrestricted file upload vulnerability in admin/Editor/imgupload.php in FlashBlog 0.31 beta allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in tus_imagenes/.

Unrestricted file upload vulnerability in admin/Editor/imgupload.php in FlashBlog 0.31 beta allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in tus_imagenes/.

Ссылки

EPSS

Процентиль: 91%

0.06756

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2008-2574

nvd

больше 17 лет назад

Unrestricted file upload vulnerability in admin/Editor/imgupload.php in FlashBlog 0.31 beta allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in tus_imagenes/.

EPSS

Процентиль: 91%

0.06756

Низкий

CVE ID

Дефекты

CWE-20