exploitDog

GHSA-r5qj-vq8r-w5j5

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure.

ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure.

Ссылки

EPSS

Процентиль: 98%

0.60219

Средний

9.8 Critical

CVSS3

CVE ID

CVE-2017-1000002

Дефекты

CWE-22

Связанные уязвимости

CVE-2017-1000002

CVSS3: 9.8

nvd

больше 8 лет назад

ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure.

EPSS

Процентиль: 98%

0.60219

Средний

9.8 Critical

CVSS3

CVE ID

CVE-2017-1000002

Дефекты

CWE-22