exploitDog

CVE-2024-22939

Опубликовано: 29 фев. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component.

Ссылки

https://github.com/NUDTTAN91/CVE-2024-22939
Exploit
Third Party Advisory
https://github.com/NUDTTAN91/CVE20240109/blob/master/README.md
Exploit
Third Party Advisory
https://github.com/NUDTTAN91/CVE-2024-22939
Exploit
Third Party Advisory
https://github.com/NUDTTAN91/CVE20240109/blob/master/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sunkaifei:flycms:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02362

Низкий

8.8 High

CVSS3

Дефекты

CWE-352

CWE-352

Связанные уязвимости

GHSA-vqx4-jcwp-8g92

CVSS3: 8.8

github

почти 2 года назад

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component.

EPSS

Процентиль: 85%

0.02362

Низкий

8.8 High

CVSS3

Дефекты

CWE-352

CWE-352