Описание
Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code (1) into settings.php via the menu parameter to admin_settings.php or (2) into a content/=NUMBER.php file via the title parameter to admin_new.php.
Уязвимые конфигурации
Конфигурация 1Версия до 1.2 (включая)
cpe:2.3:a:cms.tut.su:cms_chainuk:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02445
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code (1) into settings.php via the menu parameter to admin_settings.php or (2) into a content/=NUMBER.php file via the title parameter to admin_new.php.
EPSS
Процентиль: 85%
0.02445
Низкий
7.5 High
CVSS2
Дефекты
CWE-94