3 matches found
CVE-2018-7046
Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C code in a "Pages - Edit - Template - Edit template properties - Layout" box. NOTE: the vendor has respond...
CVE-2018-7046
CVE-2018-7046 affects Kentico CMS versions 9–11. An authenticated remote attacker can execute arbitrary OS commands through a dynamic .NET code evaluation context created by C# code entered in the “Pages → Edit → Template → Edit template properties → Layout” box. The vendor notes this functionali...
Kentico CMS 11 Arbitrary Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Kentico CMS version 9 through 11 - Arbitrary Code Execution Software Link: https://www.kentico.com Exploit Author: Keerati T. CVE: CVE-2018-7046 Category: webapps 1. Description Kentico is the only fully integrated ASP.NET CMS,...