4 matches found
CVE-2021-42643
cmseasy V7.7.520211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability...
Remote code execution
cmseasy V7.7.520211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability...
CVE-2021-42644
CVE-2021-42644 concerns CmsEasy, affected by an arbitrary file read vulnerability in version 7.7.5_20211012. The issue allows reading critical configuration data, including the website’s database configuration file (config / config_database), after authentication. The provided sources indicate th...
CVE-2021-42643
CVE-2021-42643 affects CmsEasy cmseasy v7.7.5_20211012 with an arbitrary file write vulnerability that allows writing a PHP script to the web server and, when accessed, can lead to code execution. This is documented across NVD/NVD-derived pages and CNNVD describing the same issue. The supplied co...