exploitDog

CVE-2022-26627

Опубликовано: 07 апр. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file.

Ссылки

https://github.com/qerogram/BUG_WEB/tree/main/OpenSource/PTMS
Exploit
Third Party Advisory
https://github.com/qerogram/BUG_WEB/tree/main/OpenSource/PTMS
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:online_project_time_management_system_project:online_project_time_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00706

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-vjgw-cc8r-582j

CVSS3: 8.8

github

почти 4 года назад

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file.

EPSS

Процентиль: 72%

0.00706

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-434