Lucene search

K
osvGoogleOSV:CVE-2021-44123
HistoryJan 26, 2022 - 12:15 p.m.

CVE-2021-44123

2022-01-2612:15:07
Google
osv.dev
7
spip 4.0.0
remote command execution
vulnerability
attacker
malicious picture
double extension
upload

AI Score

7.6

Confidence

Low

EPSS

0.002

Percentile

55.4%

SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it.

AI Score

7.6

Confidence

Low

EPSS

0.002

Percentile

55.4%