exploitDog

GHSA-258w-xxxf-v3q9

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) interface/editors/-custom.php or (2) interface/editors/custom.php.

Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) interface/editors/-custom.php or (2) interface/editors/custom.php.

Ссылки

EPSS

Процентиль: 95%

0.1883

Средний

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2007-5271

nvd

больше 18 лет назад

Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) interface/editors/-custom.php or (2) interface/editors/custom.php.

EPSS

Процентиль: 95%

0.1883

Средний

CVE ID

Дефекты

CWE-94