CVE-2015-5946

Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with…

mitre·CWE-184·Published 2017-08-07

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

162 chars

Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.

NVDen

162 chars

Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.

NVDes

205 chars

Una vulnerabilidad de lista negra (blacklist) incompleta en SuiteCRM versión 7.2.2, permite a los usuarios autenticados remotos ejecutar código arbitrario al cargar un archivo con una extensión ejecutable.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H