CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-10684

Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/kyrie403/Vuln/blob/master/74cms/74cms%20v5.0.1%20remote%20code%20execution.md
https://github.com/kyrie403/Vuln/blob/master/74cms/74cms%20v5.0.1%20remote%20code%20execution.md

Products affected by CVE-2019-10684

74cms » 74cms » Version: 5.0.1

cpe:2.3:a:74cms:74cms:5.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10684

Products

Pricing

Contact Us