CVE-2020-10964

Опубликовано: 25 мар. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
precise	ignored	end of life
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%

0.03798

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2020-10964

CVSS3: 9.8

nvd

почти 6 лет назад

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

CVE-2020-10964

CVSS3: 9.8

debian

почти 6 лет назад

Serendipity before 2.3.4 on Windows allows remote attackers to execute ...

GHSA-xjqm-3cpf-r6x4

github

больше 3 лет назад

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

EPSS

Процентиль: 88%

0.03798

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2020-10964

Описание

Пакет serendipity

Ссылки на источники

Связанные уязвимости