PT-2018-13451 · Dami · Damicms

Howchen · Published 2018-08-30 · Updated 2018-10-19 · CVE-2018-16238

CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: damiCMS version 6.0.1

Description: An issue allows remote code execution via PHP code in a multipart/form-data POST to the "admin.php?s=/Tpl/Update.html" API endpoint. This can be used to update files, such as Web/Tpl/default/head.html.

Recommendations: For version 6.0.1, avoid using the admin.php?s=/Tpl/Update.html endpoint until a fix is available, and restrict access to file updates to minimize the risk of exploitation.

Tags: Exploit · Fix · RCE


Weakness Enumeration

Related Identifiers: CVE-2018-16238

Affected Products: Damicms