Описание
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component.
Ссылки
- Third Party Advisory
- https://abstracted-howler-727.notion.site/Vulnerability-Description-ccc2e6489a0d43859c61a7982e649da1ExploitThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- https://abstracted-howler-727.notion.site/Vulnerability-Description-ccc2e6489a0d43859c61a7982e649da1ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:oretnom23:expense_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00049
Низкий
7.8 High
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component.
EPSS
Процентиль: 16%
0.00049
Низкий
7.8 High
CVSS3
Дефекты
CWE-434