Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:22661
HistoryMar 10, 2020 - 7:15 a.m.

Remote Code Execution (RCE)

2020-03-1007:15:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

0.002 Low

EPSS

Percentile

64.6%

JSON

ssddanbrown/bookstack is vulnerable to remote code execution (RCE). The attack exists because it allows untrusted users to upload PHP files to any area of applications by using image upload function and to execute the malicious PHP code on host system with PHP process permissions.

CPENameOperatorVersion
ssddanbrown/bookstackle0.25.4

Related

prion 1
osv 2
github 1
cvelist 1
cve 1
nvd 1
prion
prion
Information disclosure
2020-03-09 16:15:00
osv
osv
CVE-2020-5256
2020-03-09 16:15:15
Remote Code Execution Through Image Uploads in BookStack
2020-03-13 20:21:27
github
github
Remote Code Execution Through Image Uploads in BookStack
2020-03-13 20:21:27
cvelist
cvelist
CVE-2020-5256 Remote Code Execution Through Image Uploads in BookStack
2020-03-09 15:50:22
cve
cve
CVE-2020-5256
2020-03-09 16:15:15
nvd
nvd
CVE-2020-5256
2020-03-09 16:15:15

0.002 Low

EPSS

Percentile

64.6%

JSON
Related for VERACODE:22661
prion1osv2github1cvelist1cve1nvd1