ClassCMS Code Execution Vulnerability in Model Management Feature

Vulnerability

A code execution vulnerability exists in ClassCMS version 4.8. An attacker with access to the administrator backend can execute arbitrary code by supplying a crafted payload in the classview parameter of the model management feature. Successful exploitation can give the attacker control over the server.

Impact

Successful exploitation allows for arbitrary code execution on the server.

Reproduction

To reproduce this vulnerability, log into the ClassCMS admin backend and navigate to the Model Management section. Select any model and click to add a page. In the 'classview' parameter, upload a file that the server will execute, such as a PHP file. Once the file is uploaded, request its URL; if the uploaded file calls phpinfo(), the server returns the PHP information page, confirming that the code was executed.
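The root cause described above is a file-naming parameter that is allowed to introduce a server-executable file. The following is an added example, not ClassCMS code, of the allowlist check a CMS should apply to such a parameter before storing anything; the function names, the allowed extensions and the image magic-byte table are assumptions, and the file names in main() are constructed test inputs.

```python
"""
Allowlist validation for a user-supplied view/template upload name.

Added, hypothetical example (not ClassCMS code). It models the defensive
check the advisory implies is missing: a parameter naming a file to be
stored must never yield a server-executable file. Names, allowlist and
magic-byte table are assumptions.
"""
import re

# Extensions a view/template upload may have (assumption).
ALLOWED_EXTENSIONS = {"html", "htm", "css", "txt", "jpg", "jpeg", "png", "gif"}

# Server-executable extensions that must never appear in ANY segment of the
# name: "shell.php.jpg" is still executed by some Apache configurations.
EXECUTABLE_EXTENSIONS = {
    "php", "php3", "php4", "php5", "php7", "phps", "phtml", "phar",
    "inc", "cgi", "pl", "py", "jsp", "asp", "aspx", "sh", "htaccess",
}

# Leading bytes expected for declared image types (defense in depth).
IMAGE_MAGIC = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "gif": b"GIF8",
}

_SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]+$")


def validate_upload_name(raw_name: str) -> tuple[bool, str]:
    """Return (ok, reason); ok is True only for a single, allowlisted extension."""
    if not raw_name:
        return False, "empty name"
    # A null byte can truncate the name in C-based file APIs.
    if "\x00" in raw_name:
        return False, "null byte in name"
    # Any directory component means traversal or an absolute path.
    if "/" in raw_name or "\\" in raw_name:
        return False, "path separator in name"
    if raw_name in (".", "..") or raw_name.startswith("."):
        return False, "hidden or relative name"
    parts = raw_name.split(".")
    if len(parts) < 2:
        return False, "missing extension"
    stem, exts = parts[0], [p.lower() for p in parts[1:]]
    if not _SAFE_STEM.match(stem):
        return False, "disallowed characters in stem"
    # Case-insensitive: "Shell.PHP" is as dangerous as "shell.php".
    for ext in exts:
        if ext in EXECUTABLE_EXTENSIONS:
            return False, f"executable extension '{ext}'"
    if len(exts) > 1:
        return False, "multiple extensions"
    if exts[0] not in ALLOWED_EXTENSIONS:
        return False, f"extension '{exts[0]}' not in allowlist"
    return True, "ok"


def validate_upload(raw_name: str, data: bytes) -> tuple[bool, str]:
    """Name check plus content checks; the name allowlist is the primary control."""
    ok, reason = validate_upload_name(raw_name)
    if not ok:
        return ok, reason
    ext = raw_name.rsplit(".", 1)[1].lower()
    magic = IMAGE_MAGIC.get(ext)
    if magic is not None and not data.startswith(magic):
        return False, "content does not match declared image type"
    # A template, stylesheet or image should never carry a PHP open tag.
    if b"<?php" in data or b"<?=" in data:
        return False, "PHP open tag in content"
    return True, "ok"


def main() -> None:
    # Constructed inputs exercising the cases a reviewer would want covered.
    samples = [
        ("view.html", b"<h1>page</h1>"),
        ("logo.png", IMAGE_MAGIC["png"] + b"\x00" * 8),
        ("shell.php", b"<?php phpinfo(); ?>"),
        ("shell.phtml", b""),
        ("shell.php.jpg", b""),
        ("Shell.PHP", b""),
        ("../view.html", b""),
        ("view.html\x00.php", b""),
        (".htaccess", b""),
        ("logo.png", b"<?php phpinfo(); ?>"),
    ]
    for name, data in samples:
        ok, reason = validate_upload(name, data)
        print(f"{name!r:22} -> {'ACCEPT' if ok else 'REJECT'} ({reason})")


if __name__ == "__main__":
    main()
```

The name allowlist is the control that matters; the magic-byte and open-tag checks only raise the bar. Independently of both, uploaded files should be written outside the web root, or into a directory the web server is configured never to execute scripts from, so that a bypass of the validator still does not yield code execution.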

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 2.2
impact: 10.0
exploitability: 6.3
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.