exploitDog

GHSA-jj62-mc3m-j769

Опубликовано: 07 сент. 2022

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

FeehiCMS has an arbitrary file upload vulnerability

There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8.1 at the head image upload, that allows attackers to execute relevant PHP code.

Ссылки

Пакеты

Наименование

feehi/cms

composer

Затронутые версииВерсия исправления

< 2.0.8.1

2.0.8.1

EPSS

Процентиль: 61%

0.00411

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2020-21516

CVSS3: 9.8

nvd

больше 3 лет назад

There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP code.

EPSS

Процентиль: 61%

0.00411

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-434