Опубликовано: 04 нояб. 2016
Источник: ubuntu
Приоритет: negligible
EPSS Низкий
CVSS2: 6.5
CVSS3: 8.8
Описание
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | |
| cosmic | ignored | |
| devel | ignored | |
| esm-apps/bionic | ignored | |
| esm-apps/xenial | ignored | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | ignored |
Показывать по
10
EPSS
Процентиль: 87%
0.03277
Низкий
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
nvd
около 9 лет назад
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
CVSS3: 8.8
debian
около 9 лет назад
Unrestricted file upload vulnerability in the double extension support ...
EPSS
Процентиль: 87%
0.03277
Низкий
6.5 Medium
CVSS2
8.8 High
CVSS3