exploitDog

CVE-2023-31576

Опубликовано: 16 мая 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.

Ссылки

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/s9y/2023/Serendipity-2.4-beta-1
Exploit
Third Party Advisory
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/s9y/2023/Serendipity-2.4-beta-1
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:s9y:serendipity:2.4.0:beta1:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00115

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

CVE-2023-31576

CVSS3: 8.8

debian

больше 2 лет назад

An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows ...

GHSA-638v-v22w-p2vq

CVSS3: 8.8

github

больше 2 лет назад

An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.

EPSS

Процентиль: 31%

0.00115

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434