Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:NONE-CMS-RCE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	NoneCMS CVE-2018-20062 Remote Code Execution
Release Date	2019/08/22
Update Number	3201
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: NoneCMS CVE-2018-20062 Remote Code Execution

This signature detects attempts to exploit a known vulnerability against NoneCMS. A successful attack can lead to arbitrary code execution.

Extended Description

An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string.

Affected Products

5none nonecms 1.3.0

References

CVE: CVE-2018-20062

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: NoneCMS CVE-2018-20062 Remote Code Execution

Extended Description

Affected Products

References