Количество 3
Количество 3
CVE-2012-10050
CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server, enabling remote code execution.
CVE-2012-10050
CuteFlow version 2.11.2 and earlier contains an arbitrary file upload ...
GHSA-h3xh-crwg-5j8r
CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server, enabling remote code execution.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2012-10050 CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server, enabling remote code execution. | 62% Средний | 6 месяцев назад | |
| CVE-2012-10050 CuteFlow version 2.11.2 and earlier contains an arbitrary file upload ... | 62% Средний | 6 месяцев назад | |
| GHSA-h3xh-crwg-5j8r CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server, enabling remote code execution. | 62% Средний | 6 месяцев назад |
Уязвимостей на страницу