Metrics
Affected Vendors & Products
Mon, 09 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Lmxcms
Lmxcms lmxcms |
|
CPEs | cpe:2.3:a:lmxcms:lmxcms:1.0:*:*:*:*:*:*:* cpe:2.3:a:lmxcms:lmxcms:1.1:*:*:*:*:*:*:* cpe:2.3:a:lmxcms:lmxcms:1.2:*:*:*:*:*:*:* cpe:2.3:a:lmxcms:lmxcms:1.3:*:*:*:*:*:*:* cpe:2.3:a:lmxcms:lmxcms:1.4:*:*:*:*:*:*:* |
|
Vendors & Products |
Lmxcms
Lmxcms lmxcms |
|
Metrics |
ssvc
|
Sat, 07 Sep 2024 09:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue is the function formatData of the file /admin.php?m=Acquisi&a=testcj&lid=1 of the component SQL Command Execution Module. The manipulation of the argument data leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | lmxcms SQL Command Execution Module admin.php formatData code injection | |
Weaknesses | CWE-94 | |
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-09-07T09:00:04.600Z
Updated: 2024-09-09T14:02:50.625Z
Reserved: 2024-09-06T15:30:25.039Z
Link: CVE-2024-8523
Updated: 2024-09-09T14:02:32.011Z
Status : Awaiting Analysis
Published: 2024-09-07T09:15:02.807
Modified: 2024-09-09T13:03:38.303
Link: CVE-2024-8523
No data.