Описание
A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
Ссылки
- Issue TrackingThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.0 (включая)
cpe:2.3:a:matthewdeaves:willow_cms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00054
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-284
CWE-434
Связанные уязвимости
CVSS3: 4.7
github
3 месяца назад
A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
EPSS
Процентиль: 17%
0.00054
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-284
CWE-434