Описание
An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary code.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:emlog:emlog:2.3.0:*:*:*:pro:*:*:*
cpe:2.3:a:emlog:emlog:2.3.2:*:*:*:pro:*:*:*
EPSS
Процентиль: 99%
0.85785
Высокий
6.3 Medium
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 6.3
github
почти 2 года назад
An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary code.
EPSS
Процентиль: 99%
0.85785
Высокий
6.3 Medium
CVSS3
Дефекты
CWE-434