Описание
Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.
Ссылки
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:drupal:audio_module:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:getid3:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:mediafield_module:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01158
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.
EPSS
Процентиль: 78%
0.01158
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other