CVE-2024-12666 | ClassCMS up to 4.8 User Management Page admin?do=admin:user:editPost insufficient privileges

Inserito da Angelo Barbosa | Dic 16, 2024 | CVE

A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin?do=admin:user:editPost of the component User Management Page. The manipulation leads to improper handling of insufficient privileges.

This vulnerability is known as CVE-2024-12666. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-12666 | ClassCMS up to 4.8 User Management Page admin?do=admin:user:editPost insufficient privileges

Post correlati

CVE-2023-50379 | Apache Ambari up to 2.7.7 Request code injection

CVE-2024-33955 | Theme Freesia Freesia Empire Plugin up to 1.4.1 on WordPress cross site scripting

CVE-2024-3184 | EmbedThis GoAhead up to 6.0.0 Request null pointer dereference

CVE-2024-43943 | Wpsoul Greenshift Woocommerce Addon Plugin up to 1.9.7 on WordPress sql injection