exploitDog

CVE-2021-45003

Опубликовано: 10 янв. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.

Ссылки

https://drive.google.com/drive/folders/1VuWo2JS7VTh9KPRnoi7CZZQgVZ4msBav?usp=sharing
Exploit
Third Party Advisory
https://github.com/qerogram/BUG_WEB/tree/main/OpenSource/CVE-2021-45003
Exploit
Third Party Advisory
https://drive.google.com/drive/folders/1VuWo2JS7VTh9KPRnoi7CZZQgVZ4msBav?usp=sharing
Exploit
Third Party Advisory
https://github.com/qerogram/BUG_WEB/tree/main/OpenSource/CVE-2021-45003
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nikhil-bhalerao:laundry_booking_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03368

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-276

Связанные уязвимости

GHSA-fxqx-qj2c-2fc7

CVSS3: 9.8

github

около 4 лет назад

Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.

EPSS

Процентиль: 87%

0.03368

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-276