Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00309
Percentile:
0.5359
CVSS Scoring
CVSS v3.1 Score: 9.8
Severity: CRITICAL
Mapped CWE(s)
-
CWE-434
: Unrestricted Upload of File with Dangerous Type
All CAPEC(s)
-
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
CAPEC(s) with Mapped TTPs
-
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
Mapped TTPs:
-
T1574.010
: Services File Permissions Weakness
Mapped ATT&CK TTPs
-
T1574.010
: Services File Permissions Weakness
Kill Chain: persistence
Malware
APTs Threat Group Associations
Campaigns
Affected Products
- cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*
← Back to Home