CVE-2023-42286 - Vulnerability Details

There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowing attackers to execute code or system commands through a carefully crafted malicious payload.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Eyoucms	Eyoucms

No data.

References

Link	Providers
https://github.com/Nacl122/CVEReport/blob/main/CVE-2023-42286/CVE-2023-42286.md

History

Tue, 12 Nov 2024 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Eyoucms Eyoucms eyoucms
Weaknesses		CWE-434
CPEs		cpe:2.3:a:eyoucms:eyoucms:1.6.4:::::::*
Vendors & Products		Eyoucms Eyoucms eyoucms

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-03-14T00:00:00

Updated: 2024-11-12T18:26:33.144Z

Reserved: 2023-09-08T00:00:00

Link: CVE-2023-42286

Vulnrichment

Updated: 2024-08-02T19:16:51.039Z

NVD

Status : Awaiting Analysis

Published: 2024-03-14T22:15:22.277

Modified: 2024-11-21T08:22:24.680

Link: CVE-2023-42286

Redhat

No data.

Metrics

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object