VDB-247888 · CVE-2023-6760 · GCVE-100-247888

Thecosy IceCMS ଯେପର୍ଯ୍ୟନ୍ତ 2.0.1 ବିସ୍ତାରିତ ଅଧିକାର

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame Thecosy IceCMS ଯେପର୍ଯ୍ୟନ୍ତ 2.0.1 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne. Dhugumatti jijjiirraa gara ବିସ୍ତାରିତ ଅଧିକାର geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-1018 si geessa. Beekumsi kun yeroo 12/13/2023 ifoomsifameera. Odeeffannoon kun buufachuuf 39.106.130.187 irratti dhiyaateera. Dogoggorri kun maqaa CVE-2023-6760 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa hin jiru. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana 39.106.130.187 irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 68 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 12/13/2023 08:45 AM	ଅଦ୍ୟତନ 1/2 01/10/2024 06:57 AM	ଅଦ୍ୟତନ 2/2 01/10/2024 07:09 AM
software_vendor	Thecosy	Thecosy	Thecosy
software_name	IceCMS	IceCMS	IceCMS
software_version	<=2.0.1	<=2.0.1	<=2.0.1
vulnerability_cwe	CWE-1018 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-1018 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-1018 (ବିସ୍ତାରିତ ଅଧିକାର)
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
advisory_url	http://39.106.130.187/yue/yue.html	http://39.106.130.187/yue/yue.html	http://39.106.130.187/yue/yue.html
exploit_availability	1	1	1
exploit_publicity	1	1	1
exploit_url	http://39.106.130.187/yue/yue.html	http://39.106.130.187/yue/yue.html	http://39.106.130.187/yue/yue.html
source_cve	CVE-2023-6760	CVE-2023-6760	CVE-2023-6760
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1702422000 (12/13/2023)	1702422000 (12/13/2023)	1702422000 (12/13/2023)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_au	S	S	S
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_rl	X	X	X
cvss2_vuldb_basescore	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	6.0
cvss3_meta_tempscore	5.7	5.7	5.8
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1702422000 (12/13/2023)	1702422000 (12/13/2023)
cve_nvd_summary		A vulnerability classified as critical was found in Thecosy IceCMS up to 2.0.1. This vulnerability affects unknown code. The manipulation leads to manage user sessions. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247888.	A vulnerability classified as critical was found in Thecosy IceCMS up to 2.0.1. This vulnerability affects unknown code. The manipulation leads to manage user sessions. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247888.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			L
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			L
cvss3_nvd_i			L
cvss3_nvd_a			N
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			S
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			6.5
cvss3_nvd_basescore			5.4
cvss3_cna_basescore			6.3

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you need the next level of professionalism?

Upgrade your account now!