Описание
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.5 (включая)
cpe:2.3:a:phplizardo:imperialbb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04123
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
EPSS
Процентиль: 88%
0.04123
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-94