CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-26272

A remote code execution (RCE) vulnerability in Ionize v1.0.8.1 allows attackers to execute arbitrary code via a crafted string written to the file application/config/config.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.104

EPSS Ranking 92.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/ionize/ionize/issues/403
https://github.com/ionize/ionize/issues/403

Products affected by CVE-2022-26272

Ionizecms » Ionize » Version: 1.0.8.1

cpe:2.3:a:ionizecms:ionize:1.0.8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-26272

Products

Pricing

Contact Us