exploitDog

GHSA-qqrw-854q-c9ww

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.9

Описание

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.

Ссылки

EPSS

Процентиль: 66%

0.00511

Низкий

4.9 Medium

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2018-19329

CVSS3: 4.9

nvd

около 7 лет назад

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.

EPSS

Процентиль: 66%

0.00511

Низкий

4.9 Medium

CVSS3

CVE ID

Дефекты

CWE-22