A lack of input sanitizing in the file download feature of eSST Monitoring v2.147.1 allows attackers to execute a path traversal.
7.5CVSS
7.5AI Score
0.001EPSS
eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the Gii code generator component.
9.8CVSS
9.8AI Score
0.005EPSS
eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the file upload function.
8.8CVSS
9.1AI Score
0.002EPSS