exploitDog

CVE-2024-52401

Опубликовано: 19 нояб. 2024

Источник: nvd

CVSS3: 9.6

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4.

Ссылки

https://patchstack.com/database/vulnerability/hacklog-downloadmanager/wordpress-hacklog-downloadmanager-plugin-2-1-4-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve

EPSS

Процентиль: 42%

0.00202

Низкий

9.6 Critical

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-vwxq-h662-6mgh

CVSS3: 9.6

github

около 1 года назад

Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4.

EPSS

Процентиль: 42%

0.00202

Низкий

9.6 Critical

CVSS3

Дефекты

CWE-352