Описание
Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.5.5 (исключая)
cpe:2.3:a:cubecart:cubecart:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10621
Средний
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.
EPSS
Процентиль: 93%
0.10621
Средний
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22