exploitDog

GHSA-f987-r737-hx6g

Опубликовано: 16 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.

Ссылки

EPSS

Процентиль: 57%

0.00354

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2021-36461

CVSS3: 8.8

nvd

больше 3 лет назад

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.

EPSS

Процентиль: 57%

0.00354

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434