exploitDog

GHSA-4x6f-6382-jv97

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.

Ссылки

EPSS

Процентиль: 78%

0.01185

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2018-18083

CVSS3: 9.8

nvd

больше 7 лет назад

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.

EPSS

Процентиль: 78%

0.01185

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94