CVE-2014-8084 in OSClassالمعلومات

الملخص

بحسب MITRE

Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass before 3.4.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

09/10/2014

إفشاء

05/01/2015

الاعتدال

تمت الموافقة

إدخال

VDB-73497

استغلال

تحميل

EPSS

0.03249

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you need the next level of professionalism?

Upgrade your account now!