Submit #303874: Wang Junnan DreamerCMS 4.1.3.1 Remote command executioninfo

TitleWang Junnan DreamerCMS 4.1.3.1 Remote command execution
DescriptionDreamerCMS versions earlier than 4.1.3.1 have an RCE vulnerability, which is caused by the code that detects directory traversal in the compressed package decompression function is bypassed, resulting in the writing of scheduled tasks and the execution of rebound shell commands
Source⚠️ https://gitee.com/y1336247431/poc-public/issues/I9BA5R
Userpasswd7 (ID 66943)
Submission03/25/2024 06:07 AM (4 months ago)
Moderation04/04/2024 04:14 PM (10 days later)
StatusAccepted
VulDB Entry259369

Do you want to use VulDB in your project?

Use the official API to access entries easily!