3 matches found
CuppaCMS Remote Code Execution (CVE-2022-37190)
A remote code execution vulnerability exists in CuppaCMS. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
CVE-2022-37190
CuppaCMS 1.0 is vulnerable to Remote Code Execution RCE. An authenticated user can control both parameters action and function from "/api/index.php...
CVE-2022-37190
CuppaCMS 1.0 is affected by a Remote Code Execution (RCE) vulnerability. An authenticated user can control both action and function parameters in the /api/index.php endpoint, enabling arbitrary code execution on the affected system. The NVD entry and the Nuclei template corroborate this RCE scena...