exploitDog

GHSA-wpqp-8p76-3p7h

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.

RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.

Ссылки

EPSS

Процентиль: 69%

0.00619

Низкий

CVE ID

Связанные уязвимости

CVE-2019-19683

CVSS3: 9.1

nvd

около 6 лет назад

RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs.

EPSS

Процентиль: 69%

0.00619

Низкий

CVE ID