Описание
Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of (1) the reply parameter, possibly involving injection of (2) the name parameter and (3) the body parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:perlblog:perlblog:1.08:*:*:*:*:*:*:*
cpe:2.3:a:perlblog:perlblog:1.09:*:*:*:*:*:*:*
cpe:2.3:a:perlblog:perlblog:1.09b:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05504
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of (1) the reply parameter, possibly involving injection of (2) the name parameter and (3) the body parameter.
EPSS
Процентиль: 90%
0.05504
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other