exploitDog

GHSA-g4f9-hf22-85j8

Опубликовано: 15 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over the server when improperly configured to parse JSP files.

yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over the server when improperly configured to parse JSP files.

Ссылки

EPSS

Процентиль: 72%

0.00718

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-50648

CVSS3: 9.8

nvd

около 1 года назад

yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over the server when improperly configured to parse JSP files.

EPSS

Процентиль: 72%

0.00718

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-22