CVE-2024-48700
Description
Kliqqi-CMS has a background arbitrary code execution vulnerability that attackers can exploit to implant backdoors or getShell via the edit_page.php component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Kliqqi-CMS contains an arbitrary code execution vulnerability in edit_page.php allowing attackers to implant backdoors or gain shell access.
Vulnerability
Kliqqi-CMS is vulnerable to arbitrary code execution in the edit_page.php component. Attackers can exploit this to implant backdoors or obtain a shell. The vulnerability exists in the background management interface. Affected versions are not explicitly stated in the available references, but the issue is present in the Kliqqi-CMS codebase [1].
Exploitation
An attacker requires access to the background (admin panel) of Kliqqi-CMS. The exploitation involves sending crafted requests to edit_page.php to execute arbitrary code. No user interaction beyond the attacker's own actions is needed once authenticated [1].
Impact
Successful exploitation allows an attacker to execute arbitrary code on the server, leading to full compromise of the CMS. This can result in backdoor installation, data theft, or complete server takeover [1].
Mitigation
As of the publication date (2024-10-25), no official patch or fixed version has been released. Users should monitor the Kliqqi-CMS project for updates and consider restricting access to the admin panel as a workaround [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.