Description

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Related CPE's

Could not find any relations

References

https://github.com/ueh1013/VULN/issues/9

https://vuldb.com/?ctiid.339491

https://vuldb.com/?id.339491

https://vuldb.com/?submit.725142

https://github.com/ueh1013/VULN/issues/9

Weaknesses

[email protected]

Secondary
CWE-287

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.3 · High

Information

Source identifier

[email protected]

Vulnerability status

Received

Published

2026-01-05T05:15:55.007Z

43 hours ago

Last modified

2026-01-06T19:15:57.600Z

5 hours ago