An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\FileUtils.java file
References
Link | Resource |
---|---|
https://gitee.com/oufu/ofcms/issues/IASIBT |
Configurations
No configuration.
History
29 Oct 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
28 Oct 2024, 13:58
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Oct 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-25 22:15
Updated : 2024-10-29 19:35
NVD link : CVE-2024-48236
Mitre link : CVE-2024-48236
CVE.ORG link : CVE-2024-48236
JSON object : View
Products Affected
No product.
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')