Описание
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:schools_alert_management_script_project:schools_alert_management_script:2.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.0218
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
EPSS
Процентиль: 84%
0.0218
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434