إرسال #571933: 上海卓卓网络科技有限公司 DedeCMS 5.7.117 Administrator backend arbitrary code executionالمعلومات

عنوان上海卓卓网络科技有限公司 DedeCMS 5.7.117 Administrator backend arbitrary code execution
الوصفDedeCMS V5.7.117 official version has user-controllable file writing in dede/sys_verifies.php. Due to insufficient filtering by developers, malicious code is written, which further leads to RCE.
المصدر⚠️ https://github.com/CyberPunk-Infernity/Advisory/issues/2
المستخدم
 Infernity (UID 84975)
ارسال06/05/2025 09:07 AM (12 أشهر منذ)
الاعتدال23/05/2025 08:49 PM (17 days later)
الحالةتمت الموافقة
إدخال VulDB310218 [DedeCMS 5.7.117 Incomplete Fix CVE-2018-9175 sys_verifies.php?action=getfiles refiles تجاوز الصلاحيات]
النقاط17

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!