← Back to CVE List
CVE-2018-17888
NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt