CVE-2024-30510

Опубликовано: 29 мар. 2024

Источник: nvd

CVSS3: 10

CVSS3: 9.8

EPSS Низкий

Описание

Unrestricted Upload of File with Dangerous Type vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 9.5.

Ссылки

https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-9-5-arbitrary-file-upload-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-9-5-arbitrary-file-upload-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*

Версия до 9.5.1 (исключая)

EPSS

Процентиль: 75%

0.0091

Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-3vxf-c798-m86j

CVSS3: 10

github

почти 2 года назад

Unrestricted Upload of File with Dangerous Type vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 9.5.

EPSS

Процентиль: 75%

0.0091

Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-434