CRITICAL🇬🇧 English

CVE-2018-17890

CVSS 9.8v3.1pub. 2018-10-12upd. 2024-11-21

NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nuuo Cms

    APP
    Nuuo
    ≤ 3.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2018-17934CRITICAL9.8ten sam produkt

NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able...

CVE-2018-17936CRITICAL9.8ten sam produkt

NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or ov...

CVE-2018-17888CRITICAL9.8ten sam produkt

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow ...

CVE-2018-17894CRITICAL9.8ten sam produkt

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, ...

CVE-2018-18982HIGH8.8ten sam produkt

NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, w...