exploitDog

GHSA-h6jm-ghq6-38cg

Опубликовано: 08 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.

File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.

Ссылки

EPSS

Процентиль: 62%

0.00421

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2021-28998

CVSS3: 7.2

nvd

больше 2 лет назад

File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.

EPSS

Процентиль: 62%

0.00421

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434