An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php.
References
Link | Resource |
---|---|
https://github.com/CpyRe/I-Find-CVE-2024/blob/main/REDAXO%20RCE.md | Exploit Third Party Advisory |
Configurations
History
11 Apr 2024, 14:02
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redaxo:redaxo:5.15.1:*:*:*:*:*:*:* | |
References | () https://github.com/CpyRe/I-Find-CVE-2024/blob/main/REDAXO%20RCE.md - Exploit, Third Party Advisory | |
First Time |
Redaxo
Redaxo redaxo |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
CWE | CWE-94 |
20 Feb 2024, 19:50
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
17 Feb 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-17 06:15
Updated : 2024-08-29 20:36
NVD link : CVE-2024-25298
Mitre link : CVE-2024-25298
CVE.ORG link : CVE-2024-25298
JSON object : View
Products Affected
redaxo
- redaxo
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')