A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The patch is named 811edaae81eb044891594f00062a828f51b22cb1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217447.
References
Link | Resource |
---|---|
https://github.com/eprintsug/ulcc-core/commit/811edaae81eb044891594f00062a828f51b22cb1 | Patch |
https://vuldb.com/?ctiid.217447 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.217447 | Permissions Required Third Party Advisory |
Configurations
History
11 Apr 2024, 01:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Nov 2023, 02:28
Type | Values Removed | Values Added |
---|---|---|
CWE |
07 Nov 2023, 03:40
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-77 |
20 Oct 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
Summary | A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The patch is named 811edaae81eb044891594f00062a828f51b22cb1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217447. |
Information
Published : 2023-01-05 10:15
Updated : 2024-05-17 02:03
NVD link : CVE-2021-4304
Mitre link : CVE-2021-4304
CVE.ORG link : CVE-2021-4304
JSON object : View
Products Affected
ulcc-core_project
- ulcc-core
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')