Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7692 | 1 Cim Project | 1 Cim | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder. | |||||
CVE-2018-20614 | 1 Cim Project | 1 Cim | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI. |