exploitDog

GHSA-mqx9-wmw8-4226

Опубликовано: 02 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.

Ссылки

EPSS

Процентиль: 91%

0.06427

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2022-23906

CVSS3: 7.2

nvd

почти 4 года назад

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.

EPSS

Процентиль: 91%

0.06427

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434