CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-17490

app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://github.com/shi-yang/jnoj/issues/51
https://github.com/shi-yang/jnoj/issues/51

Products affected by CVE-2019-17490

Jnoj » Jiangnan Online Judge » Version: 0.8.0

cpe:2.3:a:jnoj:jiangnan_online_judge:0.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17490

Products

Pricing

Contact Us