Vulnerability Details CVE-2019-15503
cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2019-15503
-
cpe:2.3:a:altavoz:prontuscms:-
-
cpe:2.3:a:altavoz:prontuscms:11.2.101
-
cpe:2.3:a:altavoz:prontuscms:12.0.3.0