exploitDog

CVE-2008-5220

Опубликовано: 25 нояб. 2008

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wportfolio:wportfolio:*:*:*:*:*:*:*:*

Версия до 0.3 (включая)

cpe:2.3:a:wportfolio:wportfolio:0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05529

Низкий

10 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-qrrw-cm2j-xv79

github

больше 3 лет назад

Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/.

EPSS

Процентиль: 90%

0.05529

Низкий

10 Critical

CVSS2

Дефекты

CWE-20