3 matches found
CVE-2019-9829
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...
CVE-2019-9829
CVE-2019-9829 affects Maccms 10. The vulnerability arises from template rendering that uses an include operation on a cache file, bypassing the prohibition of .php files as templates, allowing remote attackers to execute arbitrary PHP code. Documented impact is high (CVSSv3 base score 8.8; networ...
CVE-2019-9829
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...