Описание
Unrestricted file upload vulnerability in webSPELL allows remote authenticated administrators to upload and execute arbitrary PHP code via the add squad feature. NOTE: this issue may be an administrative feature, in which case this CVE may be REJECTED.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:webspell:webspell:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00694
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Unrestricted file upload vulnerability in webSPELL allows remote authenticated administrators to upload and execute arbitrary PHP code via the add squad feature. NOTE: this issue may be an administrative feature, in which case this CVE may be REJECTED.
EPSS
Процентиль: 71%
0.00694
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-20