Описание
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server.
EPSS
Процентиль: 53%
0.00303
Низкий
Дефекты
CWE-434
Связанные уязвимости
github
около 2 месяцев назад
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server.
EPSS
Процентиль: 53%
0.00303
Низкий
Дефекты
CWE-434