CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-1002000

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile3.73th
Published2017年9月14日
Last Modified2026年5月13日

Vulnerability Description

Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.

Affected Platforms (CPE)

📦
Mobile Friendly App Builder By Easytouch Project

Mobile Friendly App Builder By Easytouch

= 3.0

References & Advisories

🔗 http://www.securityfocus.com/bid/96899
🔗 http://www.securityfocus.com/bid/96905
🔗 http://www.vapidlabs.com/advisory.php?v=179
🔗 https://wordpress.org/plugins-wp/mobile-friendly-app-builder-by-easytouch/
🔗 https://www.exploit-db.com/exploits/41540/
🔗 http://www.securityfocus.com/bid/96899
🔗 http://www.securityfocus.com/bid/96905
🔗 http://www.vapidlabs.com/advisory.php?v=179

相关漏洞威胁

CVE-2017-1437810.0

EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, ak...

CVE-2017-1684510.0

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

CVE-2017-1026910.0

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2017-1129110.0

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists tha...