CVE-2024-48236

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\FileUtils.java file
Configurations

No configuration.

History

29 Oct 2024, 19:35

Type Values Removed Values Added
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

28 Oct 2024, 13:58

Type Values Removed Values Added
Summary
  • (es) Un problema en ofcms 1.1.2 permite a un atacante remoto ejecutar código arbitrario a través de la función FileOutputStream en el método de escritura String del archivo ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\FileUtils.java

25 Oct 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-25 22:15

Updated : 2024-10-29 19:35


NVD link : CVE-2024-48236

Mitre link : CVE-2024-48236

CVE.ORG link : CVE-2024-48236


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')