Описание
An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:damicms:damicms:6.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00255
Низкий
2.7 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 2.7
github
больше 3 лет назад
An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI.
EPSS
Процентиль: 49%
0.00255
Низкий
2.7 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22