{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T02:28:46.164","vulnerabilities":[{"cve":{"id":"CVE-2018-1000811","sourceIdentifier":"cve@mitre.org","published":"2018-12-20T15:29:00.297","lastModified":"2024-11-21T03:40:24.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP code."},{"lang":"es","value":"bludit 3.0.0 contiene una vulnerabilidad de subida de archivos de tipo peligroso sin restricción en la subida de contenidos en el editor de páginas que puede resultar en la ejecución remota de comandos. Este ataque parece ser explotable su un usuario malicioso sube una carga útil manipulada que contiene código PHP."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bludit:bludit:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"BC263E26-4D11-4DBA-B66C-902333B61723"}]}]}],"references":[{"url":"https://github.com/bludit/bludit/issues/812","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/46060/","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/bludit/bludit/issues/812","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/46060/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}