exploitDog

CVE-2021-38753

Опубликовано: 16 авг. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app.

Ссылки

https://github.com/dumpling-soup/Simple-Image-Gallery-Web-App/blob/main/README.md
Exploit
Third Party Advisory
https://github.com/dumpling-soup/Simple-Image-Gallery-Web-App/blob/main/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_image_gallery_web_app_project:simple_image_gallery_web_app:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00517

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-63q8-3w8v-3263

github

больше 3 лет назад

An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app.

EPSS

Процентиль: 66%

0.00517

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-434