Описание
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
Ссылки
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pluxml:pluxml:5.8.22:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 6.5
ubuntu
около 2 месяцев назад
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
CVSS3: 6.5
debian
около 2 месяцев назад
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows ...
CVSS3: 6.5
github
около 2 месяцев назад
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
EPSS
Процентиль: 36%
0.00154
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-77