Описание
ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, allowing them to execute arbitrary code and potentially take control of the server.
Ссылки
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:classcms:classcms:4.8:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01459
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
около 1 года назад
ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, allowing them to execute arbitrary code and potentially take control of the server.
EPSS
Процентиль: 80%
0.01459
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94