exploitDog

CVE-2022-48161

Опубликовано: 01 фев. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the component /application/down.php. This vulnerability is exploited via a crafted GET request.

Ссылки

https://github.com/sunset-move/EasyImages2.0-arbitrary-file-download-vulnerability
Exploit
Third Party Advisory
https://github.com/sunset-move/EasyImages2.0-arbitrary-file-download-vulnerability
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:easy_images_project:easy_images:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00371

Низкий

7.5 High

CVSS3

Дефекты

CWE-552

CWE-552

Связанные уязвимости

GHSA-m8r4-2mgm-775c

CVSS3: 7.5

github

около 3 лет назад

Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the component /application/down.php. This vulnerability is exploited via a crafted GET request.

EPSS

Процентиль: 58%

0.00371

Низкий

7.5 High

CVSS3

Дефекты

CWE-552

CWE-552