Описание
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.
Ссылки
- Product
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 11.0.3 (включая) до 11.0.46 (включая)
cpe:2.3:a:phpvibe:phpvibe:*:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00958
Низкий
9.8 Critical
CVSS3
8.8 High
CVSS3
Дефекты
CWE-22
CWE-35
Связанные уязвимости
CVSS3: 8.8
github
больше 1 года назад
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.
EPSS
Процентиль: 76%
0.00958
Низкий
9.8 Critical
CVSS3
8.8 High
CVSS3
Дефекты
CWE-22
CWE-35