CVE-2017-20064 in Elefantinfo

Summary

by MITRE • 06/20/2022

A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulDB

Disclosure

06/20/2022

Moderation

accepted

Entry

VDB-97261

CPE

ready

CWE

CWE-94 (confirmed)

CVSS

6.3 (VulDB)

EPSS

0.00476

KEV

Activities

very low

Sector

Lawfirm, Hostingprovider, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20064
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20064
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20064/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!