exploitDog

GHSA-f2qf-2mf5-vg4c

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.

Ссылки

EPSS

Процентиль: 94%

0.12558

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2016-8580

CVSS3: 9.8

nvd

больше 9 лет назад

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.

EPSS

Процентиль: 94%

0.12558

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-284