Описание
An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration.
EPSS
Процентиль: 51%
0.00277
Низкий
7.2 High
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 7.2
github
8 дней назад
An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration.
EPSS
Процентиль: 51%
0.00277
Низкий
7.2 High
CVSS3
Дефекты
CWE-434