CVE-2018-16763

🗓️ 09 Sep 2018 21:00:00Reported by mitreType

cvelist

cvelist🔗 www.cve.org👁 12 Views

FUEL CMS 1.4.1 allows PHP Code Evaluation via 'filter' or 'data' parameters, leading to Pre-Auth Remote Code Execution

Reporter	Title	Published	Views	Family All 26
0day.today	fuelCMS 1.4.1 - Remote Code Execution Exploit	20 Jul 201900:00	–	zdt
0day.today	Fuel CMS 1.4.1 - Remote Code Execution Exploit (3)	3 Nov 202100:00	–	zdt
GithubExploit	Exploit for Injection in Thedaylightstudio Fuel_Cms	10 Oct 202020:23	–	githubexploit
GithubExploit	Exploit for Injection in Thedaylightstudio Fuel_Cms	31 May 202215:31	–	githubexploit
GithubExploit	Exploit for Injection in Thedaylightstudio Fuel_Cms	10 Oct 202020:23	–	githubexploit
GithubExploit	Exploit for Injection in Thedaylightstudio Fuel_Cms	3 Nov 202104:38	–	githubexploit
GithubExploit	Exploit for Injection in Thedaylightstudio Fuel_Cms	9 Apr 202622:37	–	githubexploit
ATTACKERKB	CVE-2018-16763	9 Sep 201800:00	–	attackerkb
Circl	CVE-2018-16763	13 Jul 202213:02	–	circl
Check Point Advisories	FUEL CMS Remote Code Execution (CVE-2018-16763)	31 May 202000:00	–	checkpoint_advisories

Source	Link
0xd0ff9	www.0xd0ff9.wordpress.com/2019/07/19/from-code-evaluation-to-pre-auth-remote-code-execution-cve-2018-16763-bypass/
packetstormsecurity	www.packetstormsecurity.com/files/164756/Fuel-CMS-1.4.1-Remote-Code-Execution.html
exploit-db	www.exploit-db.com/exploits/47138
github	www.github.com/daylightstudio/FUEL-CMS/issues/478
packetstormsecurity	www.packetstormsecurity.com/files/153696/fuelCMS-1.4.1-Remote-Code-Execution.html
packetstormsecurity	www.packetstormsecurity.com/files/160080/Fuel-CMS-1.4-Remote-Code-Execution.html

03 Nov 2021 19:06Current

9.7High risk

Vulners AI Score9.7

EPSS0.9391

fuel cms php code evaluation pre-auth remote code execution