CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-10757

In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://blog.ripstech.com/2016/redaxo-remote-code-execution-via-csrf/
https://demo.ripstech.com/projects/redaxo_5.2.0
https://blog.ripstech.com/2016/redaxo-remote-code-execution-via-csrf/
https://demo.ripstech.com/projects/redaxo_5.2.0

Products affected by CVE-2016-10757

Readaxo » Readaxo » Version: 5.2.0

cpe:2.3:a:readaxo:readaxo:5.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10757

Products

Pricing

Contact Us