- EPSS 2.07%
- Veröffentlicht 27.09.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 07:17:53
Orckestra C1 CMS is a .NET based Web Content Management System. A vulnerability in versions prior to 6.13 allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS. Authentication is required to exploit this vuln...
CVE-2022-24789
- EPSS 0.27%
- Veröffentlicht 28.03.2022 22:15:09
- Zuletzt bearbeitet 21.11.2024 06:51:06
C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local ...
CVE-2021-34992
- EPSS 21.14%
- Veröffentlicht 15.11.2021 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:11:39
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS 6.10. Authentication is required to exploit this vulnerability. The specific flaw exists within Composite.dll. The issue results from t...
CVE-2019-18211
- EPSS 2.81%
- Veröffentlicht 23.12.2019 23:15:12
- Zuletzt bearbeitet 21.11.2024 04:32:50
An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege us...