CVE-2019-10276

Опубликовано: 29 мар. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type.

Ссылки

https://github.com/cobub/razor/issues/168
Exploit
Issue Tracking
Third Party Advisory
https://github.com/kyrie403/Vuln/blob/master/Cobub%20Razor/Cobub%20Razor%20-%20file%20upload%20vulnerability.md
Exploit
Third Party Advisory
https://github.com/cobub/razor/issues/168
Exploit
Issue Tracking
Third Party Advisory
https://github.com/kyrie403/Vuln/blob/master/Cobub%20Razor/Cobub%20Razor%20-%20file%20upload%20vulnerability.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cobub:razor:0.8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00363

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-w93m-vpf6-mmmj