Vulnerability Details CVE-2019-13961
A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2019-13961
-
cpe:2.3:a:flatcore:flatcore:-
-
cpe:2.3:a:flatcore:flatcore:1.0
-
cpe:2.3:a:flatcore:flatcore:1.1
-
cpe:2.3:a:flatcore:flatcore:1.1.1
-
cpe:2.3:a:flatcore:flatcore:1.3
-
cpe:2.3:a:flatcore:flatcore:1.4
-
cpe:2.3:a:flatcore:flatcore:1.4.5
-
cpe:2.3:a:flatcore:flatcore:1.4.6
-
cpe:2.3:a:flatcore:flatcore:1.4.7
-
cpe:2.3:a:flatcore:flatcore:1.4.7.4