Описание
Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:f3site:f3site:2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05378
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php.
EPSS
Процентиль: 90%
0.05378
Низкий
6.5 Medium
CVSS2
Дефекты
NVD-CWE-Other