Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2023-39681

Description

Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload.

POC

Reference

- https://github.com/yanbochen97/CuppaCMS_RCE

Github

- https://github.com/20142995/nuclei-templates

- https://github.com/cyb3r-w0lf/nuclei-template-collection