Vulnerability Details CVE-2017-10665
Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. phpGrid before 7.2.5 allows remote attackers to execute arbitrary code by uploading a crafted file with a .. (dot dot) in the file name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2017-10665
-
cpe:2.3:a:phpgrid:phpgrid:5.0
-
cpe:2.3:a:phpgrid:phpgrid:5.5
-
cpe:2.3:a:phpgrid:phpgrid:5.5.1
-
cpe:2.3:a:phpgrid:phpgrid:5.5.2
-
cpe:2.3:a:phpgrid:phpgrid:5.5.5
-
cpe:2.3:a:phpgrid:phpgrid:6.0
-
cpe:2.3:a:phpgrid:phpgrid:6.1
-
cpe:2.3:a:phpgrid:phpgrid:6.2
-
cpe:2.3:a:phpgrid:phpgrid:6.5
-
cpe:2.3:a:phpgrid:phpgrid:6.51
-
cpe:2.3:a:phpgrid:phpgrid:6.52b
-
cpe:2.3:a:phpgrid:phpgrid:6.53
-
cpe:2.3:a:phpgrid:phpgrid:6.5b
-
cpe:2.3:a:phpgrid:phpgrid:6.6
-
cpe:2.3:a:phpgrid:phpgrid:6.7
-
cpe:2.3:a:phpgrid:phpgrid:6.7.10
-
cpe:2.3:a:phpgrid:phpgrid:6.9
-
cpe:2.3:a:phpgrid:phpgrid:7
-
cpe:2.3:a:phpgrid:phpgrid:7.1
-
cpe:2.3:a:phpgrid:phpgrid:7.1.5
-
cpe:2.3:a:phpgrid:phpgrid:7.2