NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNuuo Cms
APPNuuo≤ 3.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2018-17934CRITICAL9.8ten sam produkt
NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able...
CVE-2018-17936CRITICAL9.8ten sam produkt
NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or ov...
CVE-2018-17888CRITICAL9.8ten sam produkt
NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow ...
CVE-2018-17890CRITICAL9.8ten sam produkt
NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functi...
CVE-2018-18982HIGH8.8ten sam produkt
NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, w...