exploitDog

CVE-2023-30185

Опубликовано: 08 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php.

Ссылки

http://crmeb.com
Product
https://github.com/c7w1n/CVE-2023-30185/blob/main/CVE-2023-30185.md
Third Party Advisory
https://www.crmeb.com/
Product
http://crmeb.com
Product
https://github.com/c7w1n/CVE-2023-30185/blob/main/CVE-2023-30185.md
Third Party Advisory
https://www.crmeb.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:*

Версия от 4.4.0 (включая) до 4.6.0 (включая)

EPSS

Процентиль: 69%

0.00604

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-hf6q-6gmr-2838

CVSS3: 9.8

github

почти 3 года назад

CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php.

EPSS

Процентиль: 69%

0.00604

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434