CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10469

b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-10469

B3log » Symphony » Version: 2.6.0

cpe:2.3:a:b3log:symphony:2.6.0

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved