Описание
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zero_cms:zero_cms:1.0_alpha:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02007
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
EPSS
Процентиль: 83%
0.02007
Низкий
7.5 High
CVSS2
Дефекты
CWE-264