REDAXO CMS v2.11.0 was discovered to contain a remote code execution (RCE) vulnerability.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HRedaxo
APPRedaxo2.11.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
Powiązane podatności
CVE-2018-18200CRITICAL9.8ten sam produkt
There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4.
CVE-2018-17831CRITICAL9.8ten sam produkt
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rex_list class becau...
CVE-2026-21857HIGH8.3ten sam produkt
REDAXO is a PHP-based content management system. Prior to version 5.20.2, authenticated users with backup perm...
CVE-2025-64050HIGH7.2ten sam produkt
A Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20.0 allows r...
CVE-2024-46210HIGH7.2ten sam produkt
An arbitrary file upload vulnerability in the MediaPool module of Redaxo CMS v5.17.1 allows attackers to execu...