Описание
Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc".
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:laobancms:laobancms:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00842
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
больше 3 лет назад
Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc".
EPSS
Процентиль: 74%
0.00842
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-434