exploitDog

GHSA-g2m2-53vg-2vxp

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.

An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.

Ссылки

EPSS

Процентиль: 75%

0.00869

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2018-16344

CVSS3: 7.5

nvd

больше 7 лет назад

An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.

EPSS

Процентиль: 75%

0.00869

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22