VYPR
Critical severity9.8NVD Advisory· Published Oct 16, 2024· Updated Jun 17, 2026

CVE-2024-48180

CVE-2024-48180

Description

ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code.

Affected products

2
  • ClassCMS/ClassCMScpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=4.8

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.