High severity8.8NVD Advisory· Published Sep 13, 2022· Updated Jun 17, 2026
CVE-2022-37190
CVE-2022-37190
Description
CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both parameters (action and function) from "/api/index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Cuppa/CuppaCMSdescription
Patches
Vulnerability mechanics
References
1- github.com/CuppaCMS/CuppaCMS/issues/22nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.