Vulnerability Details CVE-2017-7447
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html
- http://www.securityfocus.com/bid/97485
- https://github.com/albandes/helpdezk/issues/2
- https://www.exploit-db.com/exploits/41824/
- http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html
- http://www.securityfocus.com/bid/97485
- https://github.com/albandes/helpdezk/issues/2
- https://www.exploit-db.com/exploits/41824/