Lucene search
K

4 matches found

NVD
NVD
added 2021/03/11 7:15 a.m.24 views

CVE-2021-28132

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

9.8CVSS0.03153EPSS
Exploits1References1
Prion
Prion
added 2021/03/11 7:15 a.m.17 views

Remote code execution

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

7.5CVSS9.8AI score0.03153EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/11 6:33 a.m.21 views

CVE-2021-28132

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

10AI score0.03153EPSS
Exploits1References1
CVE
CVE
added 2021/03/11 6:33 a.m.88 views

CVE-2021-28132

CVE-2021-28132 affects LUCY Security Awareness Software up to version 4.7.x. The root cause is in the Migration Tool (Support section) which permits uploading PHP files inside a system.tar.gz. The uploaded PHP can be accessed via a public/system/static URI, enabling unauthenticated remote code ex...

9.8CVSS9.8AI score0.03153EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder