Privilege escalation

2018-10-2912:29:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.2%

JSON

Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter.

CPENameOperatorVersion
webiness_inventoryeq2.3

CPE	Name	Operator	Version
	webiness_inventory	eq	2.3

References

packetstormsecurity.com/files/149982/Webiness-Inventory-2.9-Shell-Upload.html