CVE-2024-3181 | Concrete CMS up to 8.5.15/9.2.7 Search Field os command injection

Inserito da Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability was found in Concrete CMS up to 8.5.15/9.2.7. It has been declared as critical. This vulnerability affects unknown code of the component Search Field. The manipulation leads to os command injection.

This vulnerability was named CVE-2024-3181. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3181 | Concrete CMS up to 8.5.15/9.2.7 Search Field os command injection

Post correlati

CVE-2024-33111 | D-Link DIR-845L up to 1.01KRb03 bsc_sms_inbox.php cross site scripting

Inventory Management registration.php sql injection

CVE-2024-41094 | Linux Kernel up to 6.6.36/6.9.7 fbdev-dma vmalloc allocation of resources (f29fcfbf6067/00702cfa8432/d92a7580392a)

CVE-2024-2459 | wpvncom UX Flat Plugin up to 4.1 on WordPress cross site scripting