CVE-2018-18258
CRITICAL
BageCMS 3.1.3 - Remote Code Execution via Template Update URI
Title source: llm
Description
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI.
References (2)
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/rakjong/vuln/blob/master/Bagecms_vuln_1.pdf
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10284
Scores
CVSS v3
9.8
EPSS
0.0149
EPSS Percentile
70.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-94
Status
published
Products (1)
bagesoft/bagecms
3.1.3
Published
Oct 11, 2018
Tracked Since
Feb 18, 2026