CVE-2015-7774

PC-EGG pWebManager <3.3.10 & <2.2.2 (PHP 4.x) - Command Injection

Title source: llm
STIX 2.1

Description

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role.

References (3)

Core 3
Core References
Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000180
Patch, Vendor Advisory x_refsource_confirm
http://www.pwebmanager.org/
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN25323093/index.html

Scores

EPSS 0.0130
EPSS Percentile 66.9%

Details

CWE
CWE-78
Status published
Products (1)
pc-egg/pwebmanager < 3.3.9a
Published Nov 14, 2015
Tracked Since Feb 18, 2026