Описание
The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation.
Ссылки
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:eyeos:eyeos:0.9.2:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01477
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation.
EPSS
Процентиль: 81%
0.01477
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other