2 matches found
The vulnerability of the fromData method implementation in the October CMS system allows a perpetrator to execute arbitrary code.
The vulnerability of the fromData method implementation in October CMS is related to the use of a shared resource with incorrect synchronization. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...
CVE-2022-24800
October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the fromData method, an unauthenticated user can perform remote co...