Описание
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:maggioli:appalti_\&_contratti:9.12.2:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00266
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-Other
CWE-98
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application.
EPSS
Процентиль: 50%
0.00266
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-Other
CWE-98