exploitDog

GHSA-vg2j-wxwj-mx9v

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.

Ссылки

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2019-14521

CVSS3: 7.5

nvd

больше 6 лет назад

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22