exploitDog

CVE-2020-35598

Опубликовано: 23 дек. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Высокий

Описание

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623

Ссылки

https://seclists.org/fulldisclosure/2020/Dec/13
Exploit
Mailing List
Third Party Advisory
https://seclists.org/fulldisclosure/2020/Dec/13
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:advanced_comment_system_project:advanced_comment_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.74425

Высокий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-3896-fhmw-qp2v

github

больше 3 лет назад

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI.

EPSS

Процентиль: 99%

0.74425

Высокий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22