exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2019-8943

больше 6 лет назад

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.

CVSS3: 6.5

EPSS: Критический

CVE-2019-8943

больше 6 лет назад

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.

CVSS3: 6.5

EPSS: Критический

CVE-2019-8943

больше 6 лет назад

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...

CVSS3: 6.5

EPSS: Критический

GHSA-558v-vpgj-m324

около 3 лет назад

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.

CVSS3: 6.5

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-8943 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.	CVSS3: 6.5	94% Критический	больше 6 лет назад
CVE-2019-8943 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.	CVSS3: 6.5	94% Критический	больше 6 лет назад
CVE-2019-8943 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...	CVSS3: 6.5	94% Критический	больше 6 лет назад
GHSA-558v-vpgj-m324 WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.	CVSS3: 6.5	94% Критический	около 3 лет назад

Уязвимостей на страницу