CVE-2015-3884

high-risk
Published 2017-03-17

Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/.

Do I need to act?

!
72.9% chance of exploitation in next 30 days
EPSS score — higher than 27% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Qdpm

References (6)

Exploit http://packetstormsecurity.com/files/168559/qdPM-9.1-Authenticated-Shell-Upload....
Third Party Advisory http://rossmarks.uk/portfolio.php
Exploit http://rossmarks.uk/whitepapers/qdPM_8.3.txt
Exploit http://packetstormsecurity.com/files/168559/qdPM-9.1-Authenticated-Shell-Upload....
Third Party Advisory http://rossmarks.uk/portfolio.php
Exploit http://rossmarks.uk/whitepapers/qdPM_8.3.txt
54
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 19/34 · Moderate
Exposure 5/34 · Minimal