Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-1000238

InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
Products affected by CVE-2017-1000238


Contact Us

Shodan ® - All rights reserved