Описание
Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 3.25 (включая)
cpe:2.3:a:alstrasoft:template_seller:*:*:pro:*:*:*:*:*
EPSS
Процентиль: 85%
0.02618
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/.
EPSS
Процентиль: 85%
0.02618
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other