exploitDog

CVE-2023-26817

Опубликовано: 07 апр. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution (RCE) vulnerability via the component /controllers/api/user.php.

Ссылки

https://github.com/PGYER/codefever/issues/140
Exploit
Issue Tracking
Third Party Advisory
https://github.com/PGYER/codefever/issues/140
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pgyer:codefever:*:*:*:*:*:*:*:*

Версия до 2023-02-07 (исключая)

EPSS

Процентиль: 83%

0.01825

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-94

Связанные уязвимости

GHSA-94g5-g8cc-mwfw

CVSS3: 8.8

github

почти 3 года назад

codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution (RCE) vulnerability via the component /controllers/api/user.php.

EPSS

Процентиль: 83%

0.01825

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-94