Описание
Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in galeria/.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:theportal2.pl:theportal2:2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02881
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in galeria/.
EPSS
Процентиль: 86%
0.02881
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264