CVE-2017-1000454 - CERT CVE

  1. CVE-2017-1000454

ID CVE-2017-1000454
Sažetak CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1
Reference
CVSS
Base: 4.6
Impact: 6.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:L/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 16-01-2018 - 18:24
Objavljeno 02-01-2018 - 17:29