CVE-2019-8433

EUVD-2019-17823
JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Affected Products (NVD)
VendorProductVersion
jtbcjtbc_php
3.0.1.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/jetiben/jtbc/issues/6
https://github.com/jetiben/jtbc/issues/6