Arbitrary Remote Code Execution in NUUO CMS Versions 3.1 and Prior via Session ID Vulnerability
CVE-2018-17888 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.
Learn more about our Cms Pen Testing.