CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CNVD•added 2018/09/25 12:0 a.m.•0 views

OTCMS Arbitrary PHP Code Execution Vulnerability

OTCMS is an article-based web content management system CMS. A security vulnerability exists in OTCMS version 3.61. The vulnerability can be exploited by remote attackers to execute arbitrary PHP code with the help of 'accBackupDir' parameter...

8.1CVSS8.5AI score0.00685EPSS

Exploits1References1

OSV•added 2018/09/23 6:29 p.m.•0 views

CVE-2018-17364

OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter...

8.1CVSS6.1AI score

Exploits0References1

Prion•added 2018/09/23 6:29 p.m.•10 views

Code injection

OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter...

6.8CVSS8.4AI score0.00685EPSS

Exploits1References1Affected Software1

NVD•added 2018/09/23 6:29 p.m.•9 views

CVE-2018-17364

OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter...

8.1CVSS8.5AI score0.00685EPSS

Exploits1References1

CVE•added 2018/09/23 6:0 p.m.•31 views

CVE-2018-17364

CVE-2018-17364 affects OTCMS 3.61, where remote attackers can execute arbitrary PHP code via the accBackupDir parameter. Attack vector is network-based; exploitation details are not provided beyond the parameter abuse. Root cause: unvalidated/unsafe handling of accBackupDir allows code execution....

8.1CVSS8.4AI score0.00685EPSS

Exploits1References1Affected Software1