HuankeMao SCRM mpaka 0.0.3 Administrator Backend WxkConfig.php upload_domain_verification_file buleki ya zole ya mingi
| CVSS Meta Temp Score | Nsengo ya exploit ya lelo (≈) | CTI Ntangu ya mfunu |
|---|---|---|
| 4.5 | $0-$5k | 0.14 |
Kinsantu
Dibundu diaka kele ti ya nkaka me mona mu HuankeMao SCRM mpaka 0.0.3. Bila mambu meyina mpila kisalu upload_domain_verification_file ya file WxkConfig.php ya mukanda Administrator Backend. Kuna kusala ya argument domain_verification_file kele na ntwala buleki ya zole ya mingi.
Kikosa yai kele na zina CVE-2024-9278. Kuna luyalu ya ku sala ataaka na nsinga. Na kati, kele ti exploit yina me zaba.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Bisalu
Dibundu diaka kele ti ya nkaka me mona mu HuankeMao SCRM mpaka 0.0.3. Bila mambu meyina mpila kisalu upload_domain_verification_file ya file WxkConfig.php ya mukanda Administrator Backend. Kuna kusala ya argument domain_verification_file kele na ntwala buleki ya zole ya mingi. Kusadila CWE na kuyambula mpasi kele na CWE-434. Bulema yawu zabisamaka. Mbote ya kulanga inani ya downloadi kele na wiki.shikangsi.com.
Kikosa yai kele na zina CVE-2024-9278. Kuna luyalu ya ku sala ataaka na nsinga. Bisalu bya tekiniki bibonakana. Kutemwa ya kele na nswa yai kele na nse ya ya mosi. Na kati, kele ti exploit yina me zaba. Kusadila kwawu kwazwisisamene na bantu bonso mpi lenda salama. Ntangu yai, disolo ya ntalu ya exploit mpeve ve USD $0-$5k.
Ke luyalu ya ku zinga exploit na wiki.shikangsi.com.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Mpiodi
Mubikisi
Dzina
Nsomi
CPE 2.3
CPE 2.2
CVSSv4
VulDB Nsinga: 🔍VulDB Kukwama: 🔍
CVSSv3
VulDB Meta Base Score: 4.7VulDB Meta Temp Score: 4.5
VulDB Nsinga ya ntete: 4.7
VulDB Nsangu ya ntangu: 4.3
VulDB Nsinga: 🔍
VulDB Kukwama: 🔍
CNA Nsinga ya ntete: 4.7
CNA Nsinga: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vɛkɛtɛr | Kompɛlɛksite | Kukanga ya kimvuka | Kibombama | Kumweneka ya kieleka | Kupusana |
|---|---|---|---|---|---|
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
VulDB Nsinga ya ntete: 🔍
VulDB Nsangu ya ntangu: 🔍
VulDB Kukwama: 🔍
Kusangula
Kilasi: Buleki ya zole ya mingiCWE: CWE-434 / CWE-284 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Ya nitu: Veve
Ya mboka: Veve
Ya kutali: Ee
Kupusana: 🔍
Mokano: Ya pole
Bika: Lufutuka ya lufutuka
Kokanga: 🔍
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Ntangu ya mbongo: 🔍
Nsadisi ya ntalu ya lelo: 🔍
| 0-Day | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
|---|---|---|---|---|
| Lelo | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
Nsangu ya Minyoka
Mfunu: 🔍Batu bazali na misala: 🔍
Bampangi ya APT bazali na misala ya ntango nyonso: 🔍
Bikesa ya kulwisa
Tombwisa: ka lusansu luyindwangaBika: 🔍
Tango ya 0-Day: 🔍
Nsango ya ntangu
09/27/2024 🔍09/27/2024 🔍
10/01/2024 🔍
Minsinsa
Tiyano: wiki.shikangsi.comBika: Kabikidi ko
CVE: CVE-2024-9278 (🔍)
GCVE (CVE): GCVE-0-2024-9278
GCVE (VulDB): GCVE-100-278660
scip Labs: https://www.scip.ch/en/?labs.20161013
Kusonika
Kusala: 09/27/2024 07:41Kusala kisalu kipya: 10/01/2024 06:48
Bisalu: 09/27/2024 07:41 (57), 10/01/2024 06:48 (19)
Keleka nyonso: 🔍
Mutumisi: wiki
Cache ID: 253:437:103
Tumela
Kabulami
- Tumela #410393: Huankemao SCRM 0.0.3 Unrestricted Upload (kuva wiki)
Ata beto na ndinga. Minu dia: kg + ln + en.
Benga na kati na site mpo na kokoka kosala ndakisa.