ID CVE-2018-18258
Summary An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
refmap via4
misc https://github.com/rakjong/vuln/blob/master/Bagecms_vuln_1.pdf
Last major update 11-10-2018 - 17:01
Published 11-10-2018 - 17:01
Last modified 11-10-2018 - 17:01
Back to Top