Lucene search
K

4 matches found

osv
osv
added 2019/04/05 5:29 a.m.18 views

CVE-2019-10874

Cross Site Request Forgery CSRF in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file...

8.8CVSS8AI score
Exploits0References4
nvd
nvd
added 2019/04/05 5:29 a.m.53 views

CVE-2019-10874

Cross Site Request Forgery CSRF in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file...

8.8CVSS9AI score0.04522EPSS
Exploits3References4
cvelist
cvelist
added 2019/04/05 4:42 a.m.52 views

CVE-2019-10874

Cross Site Request Forgery CSRF in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file...

9.1AI score0.04522EPSS
Exploits3References4
cve
cve
added 2019/04/05 4:42 a.m.75 views

CVE-2019-10874

Bolt CMS 3.6.6 is affected by a CSRF in the bolt/upload file upload feature. An attacker can upload a JavaScript file to trigger code execution by manipulating the file/edit/config/config.yml configuration, enabling arbitrary code execution on the server. The vulnerability is described across mul...

8.8CVSS9AI score0.04522EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder