exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2019-14466

около 6 лет назад

The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.

CVSS3: 6.5

EPSS: Низкий

CVE-2019-14466

около 6 лет назад

The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.

CVSS3: 6.5

EPSS: Низкий

CVE-2019-14466

около 6 лет назад

The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable ...

CVSS3: 6.5

EPSS: Низкий

GHSA-x55p-vmqf-hfxg

больше 3 лет назад

The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-14466 The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.	CVSS3: 6.5	0% Низкий	около 6 лет назад
CVE-2019-14466 The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.	CVSS3: 6.5	0% Низкий	около 6 лет назад
CVE-2019-14466 The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable ...	CVSS3: 6.5	0% Низкий	около 6 лет назад
GHSA-x55p-vmqf-hfxg The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.		0% Низкий	больше 3 лет назад

Уязвимостей на страницу