exploitDog

GHSA-7953-4j2w-78x6

Опубликовано: 29 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.2

Описание

OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables to the backupDB.bat file.

OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables to the backupDB.bat file.

Ссылки

EPSS

Процентиль: 86%

0.02904

Низкий

8.2 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2025-57516

CVSS3: 8.2

nvd

4 месяца назад

OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables to the backupDB.bat file.

EPSS

Процентиль: 86%

0.02904

Низкий

8.2 High

CVSS3

CVE ID

Дефекты

CWE-78