Bagesoft - Bagecms CVE

Filtered by vendor Bagesoft Subscribe

Filtered by product Bagecms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-18258	1 Bagesoft	1 Bagecms	2019-06-26	7.5 HIGH	9.8 CRITICAL
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI.

Vulnerabilities (CVE)