exploitDog

GHSA-qxrq-72v2-78jv

Опубликовано: 03 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.4

Описание

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.

Ссылки

EPSS

Процентиль: 5%

0.00021

Низкий

4.4 Medium

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2025-25791

CVSS3: 4.4

nvd

12 месяцев назад

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.

EPSS

Процентиль: 5%

0.00021

Низкий

4.4 Medium

CVSS3

CVE ID

Дефекты

CWE-77