PT-2017-10893 · October · October Cms

Publicado

2017-11-17

·

Atualizado

2020-08-03

·

CVE-2017-1000196

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions October CMS build 412
Description The issue allows for PHP code execution in the asset manager functionality, which can result in site compromise and potentially affect other applications on the server.
Recommendations For October CMS build 412, update to a newer version that contains a fix for this issue to prevent PHP code execution in the asset manager functionality.

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2017-1000196

Produtos afetados

October Cms