Walrus Digit » Walrack : Security Vulnerabilities, CVEs,
WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly restrict file uploads, which allows remote attackers to execute arbitrary PHP code via vectors involving a double extension, as demonstrated by a .php.zzz file.
Max CVSS
6.8
EPSS Score
1.34%
Published
2011-05-31
Updated
2017-08-17
Unspecified vulnerability in WalRack 1.x before 1.1.8 and 2.x before 2.0.6 has unknown impact and attack vectors, possibly related to file deletion and an encoded URL, a different vulnerability than CVE-2011-1329.
Max CVSS
7.5
EPSS Score
0.31%
Published
2011-05-31
Updated
2017-08-29
2 vulnerabilities found