CVE-2020-18184

Опубликовано: 02 окт. 2020

Источник: debian

EPSS Низкий

Описание

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pluxml	removed			package

Примечания

https://github.com/pluxml/PluXml/issues/320
One could question whether this is a vulnerability at all. The
developer documentation describes this as expected behavior.

EPSS

Процентиль: 69%

0.00611

Низкий

Связанные уязвимости

CVE-2020-18184

CVSS3: 7.2

ubuntu

больше 5 лет назад

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

CVE-2020-18184

CVSS3: 7.2

nvd

больше 5 лет назад

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

GHSA-qccw-5mh6-8cq6

github

больше 3 лет назад

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

EPSS

Процентиль: 69%

0.00611

Низкий