CVE-2015-10018 in d2filesthông tin

Tóm tắt

Bởi MITRE • 09/01/2023

A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is b5767f2ec9d0f3cbfda7f13c84740e2179c90574. It is recommended to upgrade the affected component. The identifier VDB-217561 was assigned to this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

chịu trách nhiệm

VulDB

Đặt trước

06/01/2023

Tiết lộ

09/01/2023

Kiểm duyệt

được chấp nhận

mục

VDB-217561

CPE

sẵn sàng

CWE

CWE-89 (Đã xác nhận)

CVSS

9.8 (NVD)

EPSS

0.00353

KEV

không

Các hoạt động

rất thấp

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-10018
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-10018
CVE Details	https://www.cvedetails.com/cve/CVE-2015-10018/

◂ Trước Tổng Quan Tiếp theo ▸

Want to know what is going to be exploited?

We predict KEV entries!