exploitDog

GHSA-hq4x-qvjp-878v

Опубликовано: 29 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server.

HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server.

Ссылки

EPSS

Процентиль: 18%

0.00058

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2025-46080

CVSS3: 5.3

nvd

8 месяцев назад

HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server.

EPSS

Процентиль: 18%

0.00058

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-434