exploitDog

GHSA-h2ph-x33p-jmpm

Опубликовано: 21 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.6

Описание

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature.

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature.

Ссылки

EPSS

Процентиль: 3%

0.00016

Низкий

6.6 Medium

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2024-22724

CVSS3: 6.6

nvd

почти 2 года назад

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature.

EPSS

Процентиль: 3%

0.00016

Низкий

6.6 Medium

CVSS3

CVE ID

Дефекты

CWE-94