Описание
plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cutephp:cutenews:1.1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10668
Средний
10 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.
EPSS
Процентиль: 93%
0.10668
Средний
10 Critical
CVSS2
Дефекты
CWE-94