exploitDog

CVE-2017-17108

Опубликовано: 03 фев. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server.

Ссылки

http://www.securityfocus.com/archive/1/541742/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/541742/100/0/threaded
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:konakart:konakart:*:*:*:*:*:*:*:*

Версия до 8.7.0.0 (включая)

EPSS

Процентиль: 81%

0.01619

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-567f-r62w-x6ch

CVSS3: 9.8

github

больше 3 лет назад

Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server.

EPSS

Процентиль: 81%

0.01619

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-22