CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-46990

Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.0%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/sanluan/PublicCMS/issues/76#issue-1960443408
https://github.com/sanluan/PublicCMS/issues/76#issue-1960443408

Products affected by CVE-2023-46990

Publiccms » Publiccms » Version: 4.0.202302.e

cpe:2.3:a:publiccms:publiccms:4.0.202302.e

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-46990

Products

Pricing

Contact Us