4 matches found
CVE-2022-35944
October is a self-hosted Content Management System CMS platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin pan...
CVE-2022-35944
October is a self-hosted Content Management System CMS platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin pan...
CVE-2022-35944
CVE-2022-35944 affects October CMS (Laravel-based). The flaw allows bypass of the Safe Mode cms.safe_mode when an attacker with admin Editor access crafts a request to inject PHP code into a CMS template. Patches exist in v2.2.34 and v3.0.66; no public exploit details are provided in the connecte...
CVE-2022-35944 October CMS Safe Mode bypass leads to authenticated RCE (Remote Code Execution)
October is a self-hosted Content Management System CMS platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin pan...