exploitDog

CVE-2013-1891

Опубликовано: 24 июн. 2022

Источник: nvd

CVSS3: 6.5

CVSS2: 5.5

EPSS Низкий

Описание

In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.

Ссылки

http://www.waraxe.us/advisory-98.html
Exploit
Third Party Advisory
https://seclists.org/fulldisclosure/2013/Mar/176
Exploit
Mailing List
Third Party Advisory
https://www.openwall.com/lists/oss-security/2013/03/24/1
Mailing List
Third Party Advisory
http://www.waraxe.us/advisory-98.html
Exploit
Third Party Advisory
https://seclists.org/fulldisclosure/2013/Mar/176
Exploit
Mailing List
Third Party Advisory
https://www.openwall.com/lists/oss-security/2013/03/24/1
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*

Версия от 1.4.7 (включая) до 1.5.5.1 (включая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04021

Низкий

6.5 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-524g-q546-2rwr

CVSS3: 6.5

github

больше 3 лет назад

In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.

EPSS

Процентиль: 88%

0.04021

Низкий

6.5 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-22

CWE-22