Описание
Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of the filename, as demonstrated by an avatar filename ending with .png%00.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:phpkit:phpkit:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:phpkit:phpkit:1.6.1:rc2:*:*:*:*:*:*
cpe:2.3:a:phpkit:phpkit:1.6.02:*:*:*:*:*:*:*
cpe:2.3:a:phpkit:phpkit:1.6.03:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01703
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of the filename, as demonstrated by an avatar filename ending with .png%00.
EPSS
Процентиль: 82%
0.01703
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other