Vulnerability Details CVE-2019-25552
CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a large string of repeated characters into the password input during the upload process to trigger an application crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.7%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2019-25552
-
cpe:2.3:a:cewe:photo_show:6.4.3