CVE-2018-17030 - CERT CVE
ID CVE-2018-17030
Sažetak BigTree CMS 4.2.23 allows remote authenticated users, if possessing privileges to set hooks, to execute arbitrary code via /core/admin/auto-modules/forms/process.php.
Reference
CVSS
Base: 6.0
Impact: 6.4
Exploitability:6.8
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:M/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje 07-11-2018 - 16:41
Objavljeno 14-09-2018 - 02:29