Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component.
References
Link | Resource |
---|---|
https://github.com/n0Sleeper/bosscmsVuln | Third Party Advisory |
https://github.com/n0Sleeper/bosscmsVuln/issues/1 | Exploit Third Party Advisory |
https://www.bosscms.net/ | Product |
Configurations
History
03 Feb 2024, 00:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:bosscms:bosscms:1.3.0:*:*:*:*:*:*:* | |
First Time |
Bosscms bosscms
Bosscms |
|
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | () https://github.com/n0Sleeper/bosscmsVuln/issues/1 - Exploit, Third Party Advisory | |
References | () https://github.com/n0Sleeper/bosscmsVuln - Third Party Advisory | |
References | () https://www.bosscms.net/ - Product |
30 Jan 2024, 01:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-30 01:16
Updated : 2024-02-28 20:54
NVD link : CVE-2024-22938
Mitre link : CVE-2024-22938
CVE.ORG link : CVE-2024-22938
JSON object : View
Products Affected
bosscms
- bosscms
CWE
CWE-863
Incorrect Authorization