CVE-2024-39243
CRITICALskycaiji 2.8 - Remote Code Execution via /index.php?s=/admin/develop/editor_save
Title source: llmDescription
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save.
References (1)
Core 1
Core References
Broken Link
https://fushuling.com/index.php/2024/06/11/test/
Scores
CVSS v3
9.8
EPSS
0.0049
EPSS Percentile
38.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-74
CWE-75
Status
published
Products (1)
skycaiji/skycaiji
2.8
Published
Jun 26, 2024
Tracked Since
Feb 18, 2026