Vulnerability Details CVE-2024-48180
ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.3%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2024-48180
-
cpe:2.3:a:classcms:classcms:1.0
-
cpe:2.3:a:classcms:classcms:1.5
-
cpe:2.3:a:classcms:classcms:2.0
-
cpe:2.3:a:classcms:classcms:2.5
-
cpe:2.3:a:classcms:classcms:3.0
-
cpe:2.3:a:classcms:classcms:3.5
-
cpe:2.3:a:classcms:classcms:4.0
-
cpe:2.3:a:classcms:classcms:4.1
-
cpe:2.3:a:classcms:classcms:4.2
-
cpe:2.3:a:classcms:classcms:4.3
-
cpe:2.3:a:classcms:classcms:4.4
-
cpe:2.3:a:classcms:classcms:4.5
-
cpe:2.3:a:classcms:classcms:4.6
-
cpe:2.3:a:classcms:classcms:4.8