exploitDog

GHSA-jfv8-vg3m-73pc

Опубликовано: 06 июн. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.

Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.

Ссылки

EPSS

Процентиль: 93%

0.10621

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-34832

CVSS3: 9.8

nvd

больше 1 года назад

Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.

EPSS

Процентиль: 93%

0.10621

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-22