Описание
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
Ссылки
- Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00559
Низкий
5 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
почти 4 года назад
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
EPSS
Процентиль: 68%
0.00559
Низкий
5 Medium
CVSS2
Дефекты
CWE-434