Vulnerabilities > CVE-2020-18184 - Unspecified vulnerability in Pluxxml 5.7

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

pluxxml

NVD

Published: 2020-10-02

Updated: 2020-10-14

Summary

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

Vulnerable Configurations

Part	Description	Count
Application	Pluxxml Pluxxml Pluxxml 5.7	1

References

https://github.com/pluxml/PluXml/issues/320