CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-17324

ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.1%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35184
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35184

Products affected by CVE-2019-17324

Clipsoft » Rexpert » Version: 1.0.0.527

cpe:2.3:a:clipsoft:rexpert:1.0.0.527

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17324

Products

Pricing

Contact Us