GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE.
History

Tue, 17 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-94
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Dec 2024 22:45:00 +0000

Type Values Removed Values Added
Description GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-12-16T00:00:00

Updated: 2024-12-17T14:41:00.899Z

Reserved: 2024-12-06T00:00:00

Link: CVE-2024-55085

cve-icon Vulnrichment

Updated: 2024-12-17T14:40:47.310Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-16T23:15:06.607

Modified: 2024-12-17T15:15:15.840

Link: CVE-2024-55085

cve-icon Redhat

No data.