Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-12739

lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 79.9%
CVSS Severity
CVSS v3 Score 9.0
CVSS v2 Score 6.5
Products affected by CVE-2019-12739


Products
Pricing
Contact Us

Shodan ® - All rights reserved