Описание
Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:free_host_shop:website_generator:3.3:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02718
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.
EPSS
Процентиль: 86%
0.02718
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other