CVE-2024-48138

A remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template.
Configurations

No configuration.

History

30 Oct 2024, 15:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-94
Summary
  • (es) Una vulnerabilidad de ejecución remota de código (RCE) en el componente /PluXml/core/admin/parametres_edittpl.php de PluXml v5.8.16 y anteriores permite a los atacantes ejecutar código arbitrario mediante la inyección de un payload manipulado en una plantilla.

29 Oct 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-29 22:15

Updated : 2024-11-01 12:57


NVD link : CVE-2024-48138

Mitre link : CVE-2024-48138

CVE.ORG link : CVE-2024-48138


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')