exploitDog

GHSA-x78j-rvfq-r7vw

Опубликовано: 11 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module.

File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module.

Ссылки

EPSS

Процентиль: 82%

0.01641

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2020-36082

CVSS3: 9.8

nvd

больше 2 лет назад

File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module.

EPSS

Процентиль: 82%

0.01641

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434