Lucene search

K

MitreCVELIST:CVE-2018-18892

HistoryNov 01, 2018 - 1:00 a.m.

CVE-2018-18892

2018-11-0101:00:00

mitre

www.cve.org

6

minicms

arbitrary code execution

php

sitename parameter

mc_conf.php

cve-2018-18892

AI Score

9.7

Confidence

High

EPSS

0.008

Percentile

81.3%

MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.

References

github.com/AvaterXXX/MiniCms/blob/master/Command%20Execution.md

www.patec.cn/newsshow.php?cid=24&id=135

AI Score

9.7

Confidence

High

EPSS

0.008

Percentile

81.3%

Related for CVELIST:CVE-2018-18892

nvd1 osv1 cve1 prion1