CVE-2018-11670

Published June 1st, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

GreenCMS/GreenCMS

GreenCMS v2.x Based on ThinkPHP 3.2 Framwork

GitHub

124