115cms ଯେପର୍ଯ୍ୟନ୍ତ 20240807 file.html ks କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ
Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame 115cms ଯେପର୍ଯ୍ୟନ୍ତ 20240807 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii /index.php/admin/web/file.html keessa. Hojii jijjiirraa irratti gaggeeffame ks gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-79 geessa. Dadhabbii kana yeroo 11/20/2024 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2024-11489tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. VulDB is the best source for vulnerability data and more expert information about this specific topic.
2 ଆଡାପ୍ଟେସନ୍ · 58 ପଏଣ୍ଟ
| ଫିଲ୍ଡ | ସୃଷ୍ଟି ହୋଇଛି 11/20/2024 09:31 AM | ଅଦ୍ୟତନ 1/1 02/24/2025 01:58 AM |
|---|---|---|
| cvss4_vuldb_si | N | N |
| cvss4_vuldb_sa | N | N |
| cvss2_vuldb_basescore | 4.0 | 4.0 |
| cvss2_vuldb_tempscore | 3.4 | 3.4 |
| cvss3_vuldb_basescore | 3.5 | 3.5 |
| cvss3_vuldb_tempscore | 3.2 | 3.2 |
| cvss3_meta_basescore | 3.5 | 3.5 |
| cvss3_meta_tempscore | 3.2 | 3.2 |
| cvss4_vuldb_bscore | 5.3 | 5.1 |
| cvss4_vuldb_btscore | 2.1 | 2.0 |
| advisory_date | 1732057200 (11/20/2024) | 1732057200 (11/20/2024) |
| price_0day | $0-$5k | $0-$5k |
| software_name | 115cms | 115cms |
| software_version | <=20240807 | <=20240807 |
| software_file | /index.php/admin/web/file.html | /index.php/admin/web/file.html |
| software_argument | ks | ks |
| vulnerability_cwe | CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ) | CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ) |
| vulnerability_risk | 1 | 1 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_ui | R | R |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | N | N |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | N | N |
| cvss3_vuldb_e | P | P |
| cvss3_vuldb_rc | R | R |
| advisory_url | https://github.com/Hebing123/cve/issues/70 | https://github.com/Hebing123/cve/issues/70 |
| exploit_availability | 1 | 1 |
| exploit_publicity | 1 | 1 |
| exploit_url | https://github.com/Hebing123/cve/issues/70 | https://github.com/Hebing123/cve/issues/70 |
| source_cve | CVE-2024-11489 | CVE-2024-11489 |
| cna_responsible | VulDB | VulDB |
| response_summary | The vendor was contacted early about this disclosure but did not respond in any way. | The vendor was contacted early about this disclosure but did not respond in any way. |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_ci | N | N |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | N | N |
| cvss2_vuldb_e | POC | POC |
| cvss2_vuldb_rc | UR | UR |
| cvss4_vuldb_av | N | N |
| cvss4_vuldb_ac | L | L |
| cvss4_vuldb_vc | N | N |
| cvss4_vuldb_vi | L | L |
| cvss4_vuldb_va | N | N |
| cvss4_vuldb_e | P | P |
| cvss2_vuldb_au | S | S |
| cvss2_vuldb_rl | ND | ND |
| cvss3_vuldb_pr | L | L |
| cvss3_vuldb_rl | X | X |
| cvss4_vuldb_at | N | N |
| cvss4_vuldb_pr | L | L |
| cvss4_vuldb_ui | N | P |
| cvss4_vuldb_sc | N | N |