Vulnerability CVE-2014-2302

Vulnerability CVE-2014-2302

Published: 2018-07-19

Description:

	Topic	Author	Date
High	webEdition CMS 2.8.0.0 Remote Command Execution	RedTeam	30.05.2014

Type:

(Improper Control of Generation of Code ('Code Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Webedition -> Webedition cms

http://packetstormsecurity.com/files/126861/webEdition-CMS-2.8.0.0-Remote-Command-Execution.html

http://seclists.org/fulldisclosure/2014/May/147

http://www.securityfocus.com/archive/1/532230/100/0/threaded

http://www.securityfocus.com/bid/67692

https://www.redteam-pentesting.de/advisories/rt-sa-2014-004