Lucene search

CVE-2020-25557

🗓️ 13 Nov 2020 16:18:15Reported by [email protected]Type

In CMSuno 1.6.2, injection of malicious PHP code allows authenticated user to run commands on the server

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
AttackerKB	CVE-2020-25557	13 Nov 202000:00	–	attackerkb
OSV	CVE-2020-25557	13 Nov 202016:15	–	osv
Prion	Design/Logic Flaw	13 Nov 202016:15	–	prion
Cvelist	CVE-2020-25557	13 Nov 202015:25	–	cvelist
CVE	CVE-2020-25557	13 Nov 202016:15	–	cve
Packet Storm	CMSUno 1.6.2 Remote Code Execution	28 Jan 202100:00	–	packetstorm
Exploit DB	CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)	28 Jan 202100:00	–	exploitdb

Nvd

Node

cmsuno_project cmsunoMatch1.6.2

Source	Link
fatihhcelik	www.fatihhcelik.blogspot.com/2020/09/cmsuno-162-remote-code-execution.html
packetstormsecurity	www.packetstormsecurity.com/files/161162/CMSUno-1.6.2-Remote-Code-Execution.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Nov 2020 16:15Current

8.7High risk

Vulners AI Score8.7

CVSS26.5

CVSS38.8

EPSS0.06009

CWE-94