Описание
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/xenial | needs-triage | |
| jammy | needs-triage | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows ...
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
EPSS
6.5 Medium
CVSS3