CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-50090

Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.1%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2023-50090

Ureport2 Project » Ureport2 » Version: N/A

cpe:2.3:a:ureport2_project:ureport2:-
Ureport2 Project » Ureport2 » Version: 2.2.1

cpe:2.3:a:ureport2_project:ureport2:2.2.1
Ureport2 Project » Ureport2 » Version: 2.2.2

cpe:2.3:a:ureport2_project:ureport2:2.2.2
Ureport2 Project » Ureport2 » Version: 2.2.3

cpe:2.3:a:ureport2_project:ureport2:2.2.3
Ureport2 Project » Ureport2 » Version: 2.2.4

cpe:2.3:a:ureport2_project:ureport2:2.2.4
Ureport2 Project » Ureport2 » Version: 2.2.5

cpe:2.3:a:ureport2_project:ureport2:2.2.5
Ureport2 Project » Ureport2 » Version: 2.2.6

cpe:2.3:a:ureport2_project:ureport2:2.2.6
Ureport2 Project » Ureport2 » Version: 2.2.7

cpe:2.3:a:ureport2_project:ureport2:2.2.7
Ureport2 Project » Ureport2 » Version: 2.2.8

cpe:2.3:a:ureport2_project:ureport2:2.2.8
Ureport2 Project » Ureport2 » Version: 2.2.9

cpe:2.3:a:ureport2_project:ureport2:2.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-50090

Products

Pricing

Contact Us