Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2021-46360

Published: 09/02/2022 Updated: 27/03/2023
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Composr

Vulnerability Summary

Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and previous versions allows remote malicious users to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ocproducts composr

Github Repositories

https://github.com/cnnrshd/bbot-utils

Tools for parsing/enriching data from bbot. Probably not generally useful.

bbot-utils Tools for parsing/enriching data from bbot Designed to be generally useful, since it can parse arbitrary NDJSON files Installation Recommended installation method is with pipx, since this also adds the tools to your path pipx install git+githubcom/cnnrshd/bbot-utilsgit This allows you to simply run: echo '{&quo

References

CWE-434https://github.com/sartlabs/0days/blob/main/Composr-CMS/Exploit.pyhttp://packetstormsecurity.com/files/171489/Composr-CMS-10.0.39-Remote-Code-Execution.htmlhttps://nvd.nist.govhttps://github.com/cnnrshd/bbot-utils
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook