Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-26642

When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.7%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2021-26642


Contact Us

Shodan ® - All rights reserved