exploitDog

GHSA-q4c4-rh4g-6cxf

Опубликовано: 10 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profile_pic parameter within pages_view_client.php.

A Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profile_pic parameter within pages_view_client.php.

Ссылки

EPSS

Процентиль: 73%

0.0076

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2025-29017

CVSS3: 8.8

nvd

10 месяцев назад

A Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profile_pic parameter within pages_view_client.php.

EPSS

Процентиль: 73%

0.0076

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434