Описание
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and could be used.
Ссылки
- Product
- ExploitThird Party Advisory
- Exploit
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:fabian:email_logging_interface:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00045
Низкий
5.3 Medium
CVSS3
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-23
Связанные уязвимости
CVSS3: 5.3
github
3 месяца назад
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and could be used.
EPSS
Процентиль: 14%
0.00045
Низкий
5.3 Medium
CVSS3
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-23