exploitDog

GHSA-gw88-98xg-7785

Опубликовано: 14 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request.

An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request.

Ссылки

EPSS

Процентиль: 52%

0.0029

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-494

Связанные уязвимости

CVE-2022-31324

CVSS3: 6.5

nvd

больше 3 лет назад

An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request.

EPSS

Процентиль: 52%

0.0029

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-494