Описание
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. This issue affects MegaBIP software versions through 5.11.2.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Product
- Press/Media Coverage
- Third Party Advisory
- Third Party Advisory
- Product
- Press/Media Coverage
Уязвимые конфигурации
Конфигурация 1Версия до 5.11.2 (включая)
cpe:2.3:a:megabip:megabip:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02294
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. This issue affects all versions of MegaBIP software.
EPSS
Процентиль: 84%
0.02294
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94
CWE-94