CSRF Vulnerability in GreenCMS v2.3.0603 Allows Arbitrary PHP Code Execution

CVE-2018-11670 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

Learn more about our Cms Pen Testing.