exploitDog

CVE-2024-31759

Опубликовано: 16 апр. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An issue in sanluan PublicCMS v.4.0.202302.e allows an attacker to escalate privileges via the change password function.

Ссылки

https://1drv.ms/v/s%21AmTWEcd1YDpUjgoJ8lkA8pN8zYEJ?e=gIlbGf
Exploit
https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158
Third Party Advisory
https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS--PoC.md
Exploit
Third Party Advisory
https://1drv.ms/v/s%21AmTWEcd1YDpUjgoJ8lkA8pN8zYEJ?e=gIlbGf
Exploit
https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158
Third Party Advisory
https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS--PoC.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:publiccms:publiccms:4.0.202302.e:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00179

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284

Связанные уязвимости

GHSA-vwmw-q649-87fw

CVSS3: 8.8

github

почти 2 года назад

An issue in sanluan PublicCMS v.4.0.202302.e allows an attacker to escalate privileges via the change password function.

EPSS

Процентиль: 40%

0.00179

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284