CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14958

lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.8%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://sourceforge.net/p/pivot-weblog/code/4490/
https://sourceforge.net/p/pivot-weblog/code/4490/

Products affected by CVE-2017-14958

Pivotx » Pivotx » Version: 2.3.11

cpe:2.3:a:pivotx:pivotx:2.3.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14958

Products

Pricing

Contact Us