CVE-2023-48246
- EPSS 0.27%
- Veröffentlicht 10.01.2024 11:15:09
- Zuletzt bearbeitet 21.11.2024 08:31:18
The vulnerability allows a remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request.
CVE-2023-48245
- EPSS 0.4%
- Veröffentlicht 10.01.2024 11:15:09
- Zuletzt bearbeitet 21.11.2024 08:31:17
The vulnerability allows an unauthenticated remote attacker to upload arbitrary files under the context of the application OS user (“root”) via a crafted HTTP request.
CVE-2023-48242
- EPSS 0.27%
- Veröffentlicht 10.01.2024 11:15:08
- Zuletzt bearbeitet 21.11.2024 08:31:17
The vulnerability allows an authenticated remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request.
CVE-2023-48244
- EPSS 0.1%
- Veröffentlicht 10.01.2024 11:15:08
- Zuletzt bearbeitet 21.11.2024 08:31:17
The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request.
CVE-2023-48243
- EPSS 2.07%
- Veröffentlicht 10.01.2024 11:15:08
- Zuletzt bearbeitet 21.11.2024 08:31:17
The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. By abusing this vulnerability, it is possible to obtain remote code exe...