Описание
Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpfm:phpfm:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03925
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."
EPSS
Процентиль: 88%
0.03925
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other