Lucene search
K

6 matches found

Prion
Prion
added 2018/07/16 2:29 p.m.18 views

Remote code execution

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related t...

7.5CVSS9.9AI score0.17282EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2018/07/16 2:29 p.m.22 views

CVE-2018-13981

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related t...

9.8CVSS10AI score0.17282EPSS
Exploits5References3
NVD
NVD
added 2018/07/16 2:29 p.m.16 views

CVE-2018-13980

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal...

5.5CVSS5.5AI score0.06902EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/07/16 2:0 p.m.26 views

CVE-2018-13981

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related t...

7.2AI score0.17282EPSS
Exploits5References3
CVE
CVE
added 2018/07/16 2:0 p.m.111 views

CVE-2018-13980

CVE-2018-13980 affects Zeta Producer Desktop CMS <14.2.1. The vulnerability is Local File Inclusion via the filebrowser plugin, exploiting assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal. Resulting impact is unauthenticated local file disclosure on websites built with ...

5.5CVSS5.7AI score0.06902EPSS
Exploits5References3Affected Software1
CNVD
CNVD
added 2018/07/16 12:0 a.m.3 views

Zeta Producer Desktop CMS Remote Code Execution Vulnerability

Zeta Producer Desktop CMS a content management system. A remote code execution vulnerability exists in Zeta Producer Desktop CMS, which can be exploited by an attacker to upload files and execute arbitrary code...

9.8CVSS9.9AI score0.17282EPSS
Exploits5References1
Rows per page
Query Builder