exploitDog

GHSA-v8r8-56x7-prx6

Опубликовано: 20 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading.

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading.

Ссылки

EPSS

Процентиль: 68%

0.00558

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-34193

CVSS3: 7.5

nvd

больше 1 года назад

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading.

EPSS

Процентиль: 68%

0.00558

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22