exploitDog

CVE-2022-40878

Опубликовано: 27 сент. 2022

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).

Ссылки

https://www.exploit-db.com/exploits/50726
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/50726
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:exam_reviewer_management_system_project:exam_reviewer_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07218

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-4rhp-v69r-6w59

CVSS3: 8.8

github

больше 3 лет назад

In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).

EPSS

Процентиль: 91%

0.07218

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434