NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2024-09-17T03:03:09.296Z

Reserved: 2018-10-02T00:00:00

Link: CVE-2018-17888

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-12T14:29:00.257

Modified: 2024-11-21T03:55:08.650

Link: CVE-2018-17888

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.