exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2018-14857

больше 7 лет назад

Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-14857

больше 7 лет назад

Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-14857

больше 7 лет назад

Unrestricted file upload (with remote code execution) in require/mail/ ...

CVSS3: 8.8

EPSS: Низкий

GHSA-3g3v-97v3-vj6w

больше 3 лет назад

Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-14857 Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.	CVSS3: 8.8	5% Низкий	больше 7 лет назад
CVE-2018-14857 Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.	CVSS3: 8.8	5% Низкий	больше 7 лет назад
CVE-2018-14857 Unrestricted file upload (with remote code execution) in require/mail/ ...	CVSS3: 8.8	5% Низкий	больше 7 лет назад
GHSA-3g3v-97v3-vj6w Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.	CVSS3: 8.8	5% Низкий	больше 3 лет назад

Уязвимостей на страницу