exploitDog

GHSA-gpcp-cp2q-wj86

Опубликовано: 03 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

Ссылки

EPSS

Процентиль: 82%

0.01782

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2025-22926

CVSS3: 9.8

nvd

10 месяцев назад

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

EPSS

Процентиль: 82%

0.01782

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-22