Описание
PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bugada_andrea:php_advanced_transfer_manager:1.21:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07806
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code.
EPSS
Процентиль: 92%
0.07806
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other