vendor:
Ignition
by:
Sina Yazdanmehr (R3d.W0rm)
7,5
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: Ignition
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: YES
Related CWE: N/A
CPE: a:ignition:ignition
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Ignition Remote Code Execution
A vulnerability in Ignition allows an attacker to inject a PHP code in the comment section and execute it when the page is refreshed.
Mitigation:
Upgrade to the latest version of Ignition