Sibsoft: >> Xfilesharing Security Vulnerabilities
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
CVSS Score
7.5
EPSS Score
0.133
Published
2019-11-13
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.
CVSS Score
9.8
EPSS Score
0.322
Published
2019-11-13