| Titel | HuangDou UTCMS V9 RCE |
|---|
| Beschreibung | The cli.php page can execute system commands without authentication. The filtering rules stipulate that commands can only start with cd, php, nohup, or composer. However, system commands can be executed using "nohup whoami". |
|---|
| Quelle | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE5-1.md |
|---|
| Benutzer | chenzijie0619 (UID 74657) |
|---|
| Einreichung | 06.10.2024 04:48 (vor 2 Jahren) |
|---|
| Moderieren | 12.10.2024 18:16 (7 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 280244 [HuangDou UTCMS V9 cli.php o erweiterte Rechte] |
|---|
| Punkte | 14 |
|---|