PT-2018-14958 · Clippercms · Clippercms

Hexifeo

Publicado

2018-11-21

Atualizado

2018-12-27

CVE-2018-19424

CVSS v3.1

7.2

Alta

Vetor

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ClipperCMS version 1.3.3

Description The issue allows remote authenticated administrators to upload .htaccess files, which could potentially lead to security problems.

Recommendations For ClipperCMS version 1.3.3, restrict access to the file upload feature for administrators until a patch is available, and consider disabling the ability to upload .htaccess files as a temporary workaround.

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2018-19424

Produtos afetados

Clippercms

PT-2018-14958 · Clippercms · Clippercms

CVE-2018-19424

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3