16 Avr 2018
CVE-2018-9153 - CVE Vulnerability
The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directly by an administrator, or through CSRF. (CVSS:0.0) (Last Update:2018-04-16)
Vulnerability Details : The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directly by an administrator, or through CSRF. Publish Date : 2018-04-16 Last Update Date : 2018-04-16 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-9153
- References For CVE-2018-9153
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-9153There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |