exploitDog

GHSA-f6c5-v8pr-pwg7

Опубликовано: 15 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.

In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.

Ссылки

EPSS

Процентиль: 53%

0.00297

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2025-29281

CVSS3: 8.8

nvd

10 месяцев назад

In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.

EPSS

Процентиль: 53%

0.00297

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-94