Описание
A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-5951
- https://seclists.org/bugtraq/2015/Aug/32
- http://packetstormsecurity.com/files/133003/Thomson-Reuters-FATCA-Arbitrary-File-Upload.html
- http://seclists.org/fulldisclosure/2015/Aug/25
- http://www.securityfocus.com/archive/1/536163/100/0/threaded
- http://www.securityfocus.com/bid/76271
EPSS
Процентиль: 86%
0.03066
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.9
nvd
около 6 лет назад
A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
EPSS
Процентиль: 86%
0.03066
Низкий