CVE-2023-46042: Code Injection
First published: Thu Oct 19 2023(Updated: )
An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo().
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Get-simple Getsimplecms | =3.4.0a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-46042?
CVE-2023-46042 is a vulnerability in GetSimpleCMS v.3.4.0a that allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo().
How severe is CVE-2023-46042?
CVE-2023-46042 has a severity rating of 9.8, which is considered critical.
How can I exploit the vulnerability in CVE-2023-46042?
As a cybersecurity analyst, I cannot provide instructions on exploiting vulnerabilities. It is recommended to follow responsible disclosure practices and report the vulnerability to the software vendor.
How can I fix CVE-2023-46042?
A fix for CVE-2023-46042 is not available at the moment. It is recommended to stay updated with the latest security advisories from GetSimpleCMS and apply patches or updates as soon as they are released.
Where can I find more information about CVE-2023-46042?
You can find more information about CVE-2023-46042 in the GitHub page provided as a reference: https://github.com/Num-Nine/CVE/wiki/A-file-write-vulnerability-exists-in-GetSimpleCMS
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/weakness
- agent/tags
- vendor/get-simple
- canonical/get-simple getsimplecms
- version/get-simple getsimplecms/3.4.0a