CVE-2024-44724

AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url parameter at /admin/site_add.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value.
Configurations

No configuration.

History

10 Sep 2024, 12:09

Type Values Removed Values Added
Summary
  • (es) Se descubrió que AutoCMS v5.4 contiene una vulnerabilidad de inyección de código PHP a través del parámetro txtsite_url en /admin/site_add.php. Esta vulnerabilidad permite a los atacantes ejecutar código PHP arbitrario mediante la inyección de un valor creado.

09 Sep 2024, 21:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.2
CWE CWE-94

09 Sep 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-09 20:15

Updated : 2024-09-10 12:09


NVD link : CVE-2024-44724

Mitre link : CVE-2024-44724

CVE.ORG link : CVE-2024-44724


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')