Описание
mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:adam_mmedici:file_upload_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00842
Низкий
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action.
EPSS
Процентиль: 74%
0.00842
Низкий
7.5 High
CVSS2
Дефекты
CWE-287