Описание
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.
Ссылки
- Product
- ExploitMailing ListThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
- Product
- ExploitMailing ListThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.8.3 (исключая)
cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01279
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-502
Связанные уязвимости
github
больше 3 лет назад
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.
EPSS
Процентиль: 79%
0.01279
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-502