Vulnerability Details CVE-2018-10255
A CSV Injection vulnerability was discovered in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 85.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2018-10255
-
cpe:2.3:a:clustercoding:blog_master_pro:1.0.0