exploitDog

GHSA-x863-92xc-p6xw

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg file containing PHP sequences.

Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg file containing PHP sequences.

Ссылки

EPSS

Процентиль: 92%

0.07503

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2008-3415

nvd

больше 17 лет назад

Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg file containing PHP sequences.

EPSS

Процентиль: 92%

0.07503

Низкий

CVE ID

Дефекты

CWE-22