Описание
cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter.
Уязвимые конфигурации
Конфигурация 1Версия до 12.0.3.0 (включая)
cpe:2.3:a:altavoz:prontuscms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01179
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter.
EPSS
Процентиль: 78%
0.01179
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78