Описание
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.
Ссылки
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:syscp_project:syscp:1.4.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00528
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 6 лет назад
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.
CVSS3: 9.8
debian
около 6 лет назад
syscp 1.4.2.1 allows attackers to add arbitrary paths via the document ...
github
больше 3 лет назад
syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot.
EPSS
Процентиль: 66%
0.00528
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20