exploitDog

GHSA-v699-rccr-vgfv

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.

PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.

Ссылки

EPSS

Процентиль: 99%

0.73453

Высокий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2017-9080

CVSS3: 8.8

nvd

больше 8 лет назад

PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.

EPSS

Процентиль: 99%

0.73453

Высокий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434