Invia #375214: flute-cms.com Web-based CMS for server games written on PHP v0.2.2.4-alpha Remote Code Execute (RCE)informazioni

Titoloflute-cms.com Web-based CMS for server games written on PHP v0.2.2.4-alpha Remote Code Execute (RCE)
DescrizioneBy logging in as an admin user and navigating to the /admin/pages/list page, an attacker can customize routes and pages. In the page content definition, it suggests that we can insert HTML code, but even if PHP code is inserted, it will still be parsed.
Fonte⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE5-2.md
Utente
 Dee.Mirage (UID 71702)
Sottomissione16/07/2024 08:42 (2 anni fa)
Moderazione20/07/2024 12:06 (4 days later)
StatoAccettato
Voce VulDB272068 [Flute CMS 0.2.2.4-alpha /admin/pages/list blocks escalationi di privilegi]
Punti17

PrecedenteVisione D'ensembleIl prossimo

Do you want to use VulDB in your project?

Use the official API to access entries easily!