PT-2019-10126 · Php Scripts Mall · Php Scripts Mall Advance Crowdfunding Script
Publicado
2019-03-20
·
Atualizado
2019-03-25
·
CVE-2018-20630
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
PHP Scripts Mall Advance Crowdfunding Script version 2.0.3
Description:
The issue allows for directory traversal through a direct request for a listing of an uploads directory, such as the 'wp-content/uploads/2018/12' directory.
Recommendations:
For PHP Scripts Mall Advance Crowdfunding Script version 2.0.3, consider restricting access to the uploads directory to minimize the risk of exploitation.
Exploit
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Php Scripts Mall Advance Crowdfunding Script