exploitDog

CVE-2023-45555

Опубликовано: 25 окт. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file.

Ссылки

https://github.com/96xiaopang/Vulnerabilities/blob/main/zzzcms%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0_en.md
Exploit
Third Party Advisory
https://github.com/96xiaopang/Vulnerabilities/blob/main/zzzcms%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0_en.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zzzcms:zzzcms:2.1.9:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00771

Низкий

7.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-g7rr-rj9q-jfww

CVSS3: 7.8

github

больше 2 лет назад

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file.

EPSS

Процентиль: 73%

0.00771

Низкий

7.8 High

CVSS3

Дефекты

CWE-434