exploitDog

GHSA-vp27-2q8j-vx5m

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

Ссылки

EPSS

Процентиль: 46%

0.00233

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2018-11670

CVSS3: 8.8

nvd

больше 7 лет назад

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

EPSS

Процентиль: 46%

0.00233

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352