Описание
upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files.
Ссылки
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:raditha_dissanayake:mega_upload_progress_bar:1.30:*:*:*:*:*:*:*
cpe:2.3:a:raditha_dissanayake:mega_upload_progress_bar:1.35:*:*:*:*:*:*:*
cpe:2.3:a:raditha_dissanayake:mega_upload_progress_bar:1.43:*:*:*:*:*:*:*
cpe:2.3:a:raditha_dissanayake:mega_upload_progress_bar:1.44:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00551
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files.
EPSS
Процентиль: 67%
0.00551
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-264