Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-13930
HistoryFeb 21, 2022 - 12:00 a.m.

iCMS Code Injection Vulnerability

2022-02-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
icms
code injection
php
mysql
ssti
vulnerability
remote code execution
content management system
cnvd

EPSS

0.008

Percentile

82.4%

JSON

iCMS is an application. An efficient and clean content management system built with PHP and MySQL. iCMS suffers from a code injection vulnerability that stems from the fact that iCMS allows users to add and render comtom templates, which are SSTI vulnerable. An attacker could exploit this vulnerability to perform remote code execution.

Related

prion 1
cvelist 1
nvd 1
cve 1
prion
prion
Remote code execution
2022-02-04 16:15:00
cvelist
cvelist
CVE-2021-44978
2022-02-04 15:29:52
nvd
nvd
CVE-2021-44978
2022-02-04 16:15:07
cve
cve
CVE-2021-44978
2022-02-04 16:15:07

EPSS

0.008

Percentile

82.4%

JSON
Related for CNVD-2022-13930
prion1cvelist1nvd1cve1