exploitDog

GHSA-hmrq-3hg5-2m7x

Опубликовано: 03 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

Ссылки

EPSS

Процентиль: 73%

0.00745

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2025-22927

CVSS3: 9.1

nvd

10 месяцев назад

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

EPSS

Процентиль: 73%

0.00745

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22