Описание
Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
Ссылки
- Exploit
- ExploitPatchVendor Advisory
- Exploit
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bitweaver:bitweaver:1.3:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07803
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
EPSS
Процентиль: 92%
0.07803
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other