PT-2017-10822 · October · October Cms

Publicado

2017-10-04

·

Atualizado

2022-05-13

·

CVE-2017-1000119

CVSS v3.1

7.2

Alta

VetorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions October CMS build 412
Description The issue allows for PHP code execution in the file upload functionality, which can result in site compromise and potentially affect other applications on the server.
Recommendations For October CMS build 412, update to a version that fixes the file upload vulnerability to prevent PHP code execution and potential site compromise.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2017-1000119
GHSA-Q263-J3Q9-G964

Produtos afetados

October Cms