Количество 3
Количество 3
CVE-2015-7309
The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.
CVE-2015-7309
The theme editor in Bolt allows remote authenticated users to execute arbitrary code by renaming a crafted file
GHSA-gfg2-33mf-746p
The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-7309 The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it. | CVSS2: 6.5 | 60% Средний | около 10 лет назад |
 | CVE-2015-7309 The theme editor in Bolt allows remote authenticated users to execute arbitrary code by renaming a crafted file | 60% Средний | 3 месяца назад | |
| GHSA-gfg2-33mf-746p The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it. | 60% Средний | больше 3 лет назад |
Уязвимостей на страницу