CRITICAL🇬🇧 English

CVE-2018-17894

CVSS 9.8v3.0pub. 2018-10-12upd. 2024-11-21

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nuuo Cms

    APP
    Nuuo
    ≤ 3.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-17934CRITICAL9.8ten sam produkt

NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able...

CVE-2018-17936CRITICAL9.8ten sam produkt

NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or ov...

CVE-2018-17888CRITICAL9.8ten sam produkt

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow ...

CVE-2018-17890CRITICAL9.8ten sam produkt

NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functi...

CVE-2018-18982HIGH8.8ten sam produkt

NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, w...