Описание
SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php.
Ссылки
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:seacms:seacms:13.1:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00217
Низкий
8.8 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php.
EPSS
Процентиль: 44%
0.00217
Низкий
8.8 High
CVSS3
Дефекты
CWE-94