Описание
Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:textpattern:textpattern:4.8.4:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00146
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 6.5
debian
почти 5 лет назад
Textpattern V4.8.4 contains an arbitrary file upload vulnerability whe ...
github
больше 3 лет назад
Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.
EPSS
Процентиль: 35%
0.00146
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-434