Description

Acunetix determined that the Craft CMS is vulnerable to remote code execution.

Remediation

Upgrade to the latest version of Craft CMS

References

Craft CMS Remote Code Execution vulnerability

CraftCMS RCE

Related Vulnerabilities

phpMyAdmin Improper Authentication Vulnerability (CVE-2010-4481)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4402)

Django Resource Management Errors Vulnerability (CVE-2015-5143)

Oracle JRE CVE-2019-2988 Vulnerability (CVE-2019-2988)

MySQL CVE-2020-14893 Vulnerability (CVE-2020-14893)

Severity

Critical

Classification

CVE-2023-41892 CWE-94 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Tags

Code Execution Known Vulnerabilities