Описание
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:perfree:perfreeblog:4.0.11:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00297
Низкий
8.8 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.8
github
10 месяцев назад
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
EPSS
Процентиль: 53%
0.00297
Низкий
8.8 High
CVSS3
Дефекты
CWE-94