exploitDog

CVE-2020-36141

Опубликовано: 04 июн. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header.

Ссылки

https://muteb.io/2020/12/29/BloofoxCMS-Multiple-Vulnerabilities.html
Exploit
Third Party Advisory
URL Repurposed
https://muteb.io/2020/12/29/BloofoxCMS-Multiple-Vulnerabilities.html
Exploit
Third Party Advisory
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00423

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-2hrj-3p9c-p37q

github

больше 3 лет назад

BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header.

EPSS

Процентиль: 62%

0.00423

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434