Описание
An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges.
Ссылки
- ExploitIssue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:htmly:htmly:2.7.5:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01518
Низкий
6.5 Medium
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges.
EPSS
Процентиль: 81%
0.01518
Низкий
6.5 Medium
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-22