CVE-2023-39681
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload.
An Unauthorized attacker can execute arbitrary php code leading to unauthorized remote code execution
GitHub