Описание
An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.
Ссылки
- Third Party Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nuserp:nus-m9_erp:3.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00215
Низкий
7.5 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 7.5
github
около 1 года назад
An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.
EPSS
Процентиль: 44%
0.00215
Низкий
7.5 High
CVSS3
Дефекты
CWE-94