Описание
Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:vscripts:vnews:1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03351
Низкий
9 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php.
EPSS
Процентиль: 87%
0.03351
Низкий
9 Critical
CVSS2
Дефекты
NVD-CWE-Other