CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-39458

Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user has to alternate the files of a vaild file backup. This leads of leaking the database credentials in the environment variables.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://github.com/evildrummer/CVE-2021-XYZ2
https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39458
https://github.com/evildrummer/CVE-2021-XYZ2
https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39458

Products affected by CVE-2021-39458

Redaxo » Redaxo » Version: 5.12.1

cpe:2.3:a:redaxo:redaxo:5.12.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39458

Products

Pricing

Contact Us