Vulnerability Details CVE-2024-40546
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.8%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-40546
-
cpe:2.3:a:publiccms:publiccms:4.0
-
cpe:2.3:a:publiccms:publiccms:4.0.180707
-
cpe:2.3:a:publiccms:publiccms:4.0.180825
-
cpe:2.3:a:publiccms:publiccms:4.0.181024
-
cpe:2.3:a:publiccms:publiccms:4.0.190312
-
cpe:2.3:a:publiccms:publiccms:4.0.202004
-
cpe:2.3:a:publiccms:publiccms:4.0.202011
-
cpe:2.3:a:publiccms:publiccms:4.0.202011.b
-
cpe:2.3:a:publiccms:publiccms:4.0.202107
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.b
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.c
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.d
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.f
-
cpe:2.3:a:publiccms:publiccms:4.0.202204.a
-
cpe:2.3:a:publiccms:publiccms:4.0.202204.b
-
cpe:2.3:a:publiccms:publiccms:4.0.202204.c
-
cpe:2.3:a:publiccms:publiccms:4.0.202204.d
-
cpe:2.3:a:publiccms:publiccms:4.0.202302.a
-
cpe:2.3:a:publiccms:publiccms:4.0.202302.b
-
cpe:2.3:a:publiccms:publiccms:4.0.202302.c
-
cpe:2.3:a:publiccms:publiccms:4.0.202302.d
-
cpe:2.3:a:publiccms:publiccms:4.0.202302.e