cvedb.io
CVE-2022-30037
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2023-03-23T02:15:12.427 · Last modified 2026-06-17T04:43:00.233

Summary

XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php.

Affected products

xunruicms — xunruicms

Does this affect you?

Add your gear to cvedb and we'll alert you only when xunruicms ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.