What is CVE-2018-19127?

CVE-2018-19127 is a vulnerability in N/a. Published 2018-11-09.

Is CVE-2018-19127 known to be exploited?

8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-19127

A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template paramet…

EPSS: 0.845 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ab1gale/phpcms-2008-CVE-2018-19127
0xT11/CVE-POC
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
CVEDB/PoC-List
CVEDB/awesome-cve-repo
SexyBeast233/SecBooks
zhibx/fscan-Intranet

References

github.com/ab1gale/phpcms-2008-CVE-2018-19127 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-19127?: CVE-2018-19127 is a vulnerability in N/a. Published 2018-11-09.
Is CVE-2018-19127 known to be exploited?: 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.