Vulnerability Details CVE-2022-31578
The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2022-31578
-
cpe:2.3:a:bt_lnmp_project:bt_lnmp:-
-
cpe:2.3:a:bt_lnmp_project:bt_lnmp:2019-10-10