| Field | Value |
|---|---|
| Title | ICMS https://www.icmsdev.com/ 8.0.0 Code Injection |
| Source | ⚠️ https://note-hxlab.wetolink.com/share/QWuWZeAmzUdm |
| User | hiro (UID 93548) |
| Submission | 18.12.2025 14:30 (6 months ago) |
| Moderation | 31.12.2025 10:31 (13 days later) |
| Status | Accepted |
| VulDB Entry | 339163 [iCMS up to 8.0.0 POST Parameter ConfigAdmincp.php save config privilege escalation] |
| Points | 20 |

Description (submitter's text):

Vulnerable file: app/config/ConfigAdmincp.php (lines 110-123)

Prerequisites (exploitation conditions):

| Requirement | Description |
|---|---|
| Authentication | Administrator account with access to the backend (/admincp.php) |
| Permission Level | Super administrator or user with config management permission |
| CSRF Token | Valid CSRF token from the current session |
| Session Cookie | Valid iCMS_ADMINCP session cookie |

Important notes:

- This is a post-authentication vulnerability.
- Requires valid admin credentials to exploit.
- CSRF protection exists but does not prevent authenticated attacks.
- The attacker must either have admin access or trick an admin into executing malicious requests (CSRF attack scenario).

Description:

A critical Remote Code Execution (RCE) vulnerability exists in iCMS version 8.0.0 and below. The vulnerability is located in the save() function of the ConfigAdmincp class, which allows an authenticated administrator to execute arbitrary PHP functions through the saveCall POST parameter.