Lucene search

K
cvelistMitreCVELIST:CVE-2021-44123
HistoryJan 26, 2022 - 11:57 a.m.

CVE-2021-44123

2022-01-2611:57:30
mitre
www.cve.org
3
spip 4.0.0
remote command execution
vulnerability
attacker
malicious picture
double extension
upload

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

55.4%

SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it.

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

55.4%