exploitDog

GHSA-vr8x-p7wp-76wh

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.

Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.

Ссылки

EPSS

Процентиль: 62%

0.00424

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2013-3295

nvd

около 11 лет назад

Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.

EPSS

Процентиль: 62%

0.00424

Низкий

CVE ID

Дефекты

CWE-22