ГлавнаяУязвимости → CVE-2024-50648
9.8критическая

CVE-2024-50648

Описание

yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over the server when improperly configured to parse JSP files.

Затрагиваемое ПО
Guchengwuyue Yshopmall
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/Yllxx03/CVE/blob/main/yshop_fileu_pload.mdhttps://github.com/Yllxx03/CVE/tree/main/CVE-2024-50648