CVE-2024-22638

CRITICAL

liveSite <2019.1 - RCE

Title source: llm

Description

liveSite v2019.1 was discovered to contain a remote code execution (RCE) vulenrabiity via the component /livesite/edit_designer_region.php or /livesite/add_email_campaign.php.

Exploits (1)

exploitdb WORKING POC
by tmrswrr · textwebappsphp
https://www.exploit-db.com/exploits/51936

References (2)

Scores

CVSS v3 9.8
EPSS 0.0639
EPSS Percentile 91.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
livesite/livesite 2019.1
Published Jan 25, 2024
Tracked Since Feb 18, 2026