Описание
A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
Ссылки
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.2 (исключая)
cpe:2.3:a:thomsonreuters:fatca:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03066
Низкий
9.9 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
больше 3 лет назад
A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands.
EPSS
Процентиль: 86%
0.03066
Низкий
9.9 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-434