CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-33445

An issue in hisiphp v2.0.111 allows a remote attacker to execute arbitrary code via a crafted script to the SystemPlugins::mkInfo parameter in the SystemPlugins.php component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.055

EPSS Ranking 89.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://gist.github.com/LioTree/04a4ece38df53af4027d52b2aeb7aff6
https://github.com/hisiphp/hisiphp/issues/11
https://gist.github.com/LioTree/04a4ece38df53af4027d52b2aeb7aff6
https://github.com/hisiphp/hisiphp/issues/11

Products affected by CVE-2024-33445

Hisiphp » Hisiphp » Version: 2.0.11

cpe:2.3:a:hisiphp:hisiphp:2.0.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-33445

Products

Pricing

Contact Us