Vulnerability Details CVE-2018-19991
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-2018-9230.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-19991
-
cpe:2.3:a:verynginx_project:verynginx:0.3.3