ГлавнаяУязвимости → CVE-2024-26503
9.1критическая

CVE-2024-26503

Описание

Unrestricted File Upload vulnerability in Greek Universities Network Open eClass v.3.15 and earlier allows attackers to run arbitrary code via upload of crafted file to certbadge.php endpoint.

Затрагиваемое ПО
Openeclass Openeclass
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Источники
https://www.less-secure.com/2024/03/open-eclass-cve-2024-26503-unrestricted.htmlhttps://www.less-secure.com/2024/03/open-eclass-cve-2024-26503-unrestricted.html