CVE-2023-33559

High

A local file inclusion vulnerability via the lang parameter in OcoMon before v4.0.1 allows attackers to execute arbitrary code by supplying…

mitre·CWE-829·Published 2023-10-26

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

159 chars

A local file inclusion vulnerability via the lang parameter in OcoMon before v4.0.1 allows attackers to execute arbitrary code by supplying a crafted PHP file.

NVDen

159 chars

A local file inclusion vulnerability via the lang parameter in OcoMon before v4.0.1 allows attackers to execute arbitrary code by supplying a crafted PHP file.

NVDes

197 chars

Una vulnerabilidad de inclusión de archivo local a través del parámetro lang en OcoMon anterior a v4.0.1 permite a los atacantes ejecutar código arbitrario proporcionando un archivo PHP manipulado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H