Описание
Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php.
Ссылки
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:belchior_foundry:vcard:2.8:*:*:*:*:*:*:*
cpe:2.3:a:belchior_foundry:vcard:2.9:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03062
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php.
EPSS
Процентиль: 86%
0.03062
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other