Vulnerability Details CVE-2018-7764
The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.6%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
Products affected by CVE-2018-7764
-
cpe:2.3:a:schneider-electric:u.motion_builder:1.2.1