Описание
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.
Ссылки
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:projectworlds:online_book_store_project:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02099
Низкий
8.8 High
CVSS3
Дефекты
CWE-434
CWE-434
Связанные уязвимости
CVSS3: 9.1
github
больше 2 лет назад
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]
EPSS
Процентиль: 84%
0.02099
Низкий
8.8 High
CVSS3
Дефекты
CWE-434
CWE-434