Mocodo Online vulnerabilities
2 known vulnerabilities affecting mocodo/mocodo_online.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2024-35374P2CRITICALCVSS 9.8≤ 4.2.62024-05-24
CVE-2024-35374 [CRITICAL] CWE-77 CVE-2024-35374: Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/gen
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution (RCE) under certain conditions.
ghsanvdosv
CVE-2024-35373P3CRITICALCVSS 9.8≤ 4.2.62024-05-24
CVE-2024-35373 [CRITICAL] CWE-75 CVE-2024-35373: Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php.
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php.
nvd