Enviar #303874: Wang Junnan DreamerCMS 4.1.3.1 Remote command executioninformación

TítuloWang Junnan DreamerCMS 4.1.3.1 Remote command execution
DescripciónDreamerCMS versions earlier than x.x.x.x have an RCE vulnerability, which is caused by the code that detects directory traversal in the compressed package decompression function is bypassed, resulting in the writing of scheduled tasks and the execution of rebound shell commands
Fuente⚠️ https://gitee.com/y1336247431/poc-public/issues/I9BA5R
Usuario
 passwd7 (UID 66943)
Sumisión2024-03-25 06:07 (hace 2 años)
Moderación2024-04-04 16:14 (10 days later)
EstadoAceptado
Entrada de VulDB259369 [Dreamer CMS hasta 4.1.3.0 ThemesController.java ZipUtils.unZipFiles recorrido de directorios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!