CVE-2015-10018 in d2filesinfo

Zusammenfassung

von MITRE • 09.01.2023

A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is b5767f2ec9d0f3cbfda7f13c84740e2179c90574. It is recommended to upgrade the affected component. The identifier VDB-217561 was assigned to this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Reservieren

06.01.2023

Veröffentlichung

09.01.2023

Moderieren

akzeptiert

Eintrag

VDB-217561

CPE

bereit

CWE

CWE-89 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.00353

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-10018
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-10018
CVE Details	https://www.cvedetails.com/cve/CVE-2015-10018/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!