| Titel | MuYucms has Arbitrary code execution vulnerability via file_path Parameters |
|---|
| Beschreibung | Constructing packets after logging in and we will read the config file,and then we can get the key value of the file, and copy the file checksum and replace it in the packet . Visit the corresponding location of the file on the website and find that the code has been successfully executed.
|
|---|
| Quelle | ⚠️ https://github.com/MuYuCMS/MuYuCMS/issues/5 |
|---|
| Benutzer | kaga_cve (UID 41588) |
|---|
| Einreichung | 25.02.2023 07:26 (vor 3 Jahren) |
|---|
| Moderieren | 26.02.2023 13:20 (1 day later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 221803 [MuYuCMS 2.2 /editor/index.php file_path Directory Traversal] |
|---|
| Punkte | 20 |
|---|