exploitDog

GHSA-crgh-9gf9-cqq9

Опубликовано: 29 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.9

Описание

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution.

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution.

Ссылки

EPSS

Процентиль: 39%

0.0017

Низкий

9.9 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2024-4306

CVSS3: 9.9

nvd

почти 2 года назад

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution.

EPSS

Процентиль: 39%

0.0017

Низкий

9.9 Critical

CVSS3

CVE ID

Дефекты

CWE-434