exploitDog

CVE-2015-1059

Опубликовано: 16 янв. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:insanevisions:adaptcms:3.0.3:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04099

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-v2g4-fcv2-r5m3

github

больше 3 лет назад

Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads.

EPSS

Процентиль: 88%

0.04099

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94