CVE-2021-46428

Опубликовано: 27 янв. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.

Ссылки

https://cxsecurity.com/issue/WLB-2022010093
Exploit
Issue Tracking
Third Party Advisory
https://www.exploit-db.com/exploits/50672
Exploit
Third Party Advisory
VDB Entry
https://cxsecurity.com/issue/WLB-2022010093
Exploit
Issue Tracking
Third Party Advisory
https://www.exploit-db.com/exploits/50672
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_chatbot_application_project:simple_chatbot_application:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02702

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-mm5h-c8p7-5v83

github

около 4 лет назад