Описание
An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar.
Ссылки
- Not Applicable
- Not Applicable
- Product
- Vendor Advisory
- Not Applicable
- ExploitThird Party Advisory
- Not Applicable
- Not Applicable
- Product
- Vendor Advisory
- Not Applicable
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:personal-management-system:personal_management_system:1.4.64:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00496
Низкий
7.8 High
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar.
EPSS
Процентиль: 65%
0.00496
Низкий
7.8 High
CVSS3
Дефекты
CWE-434