CVE-2018-11670

2018-06-0117:00:00

mitre

www.cve.org

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%

JSON

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

References

github.com/GreenCMS/GreenCMS/issues/108

www.exploit-db.com/exploits/44825/