Enviar #427401: Beijing Wuzhi Internet Technology Co., Ltd wuzhicms 4.1.0 Remote Command Executioninformación

TítuloBeijing Wuzhi Internet Technology Co., Ltd wuzhicms 4.1.0 Remote Command Execution
DescripciónThe add method in the www/coreframe/app/content/admin/block.php file can be used to construct malicious template_comde content that will be executed when generating static HTML and write the execution result into the corresponding HTML file, causing GETSHELL
Fuente⚠️ https://github.com/wuzhicms/wuzhicms/issues/209
Usuario
 LVZC (UID 74910)
Sumisión2024-10-21 04:26 (hace 2 años)
Moderación2024-10-29 18:42 (9 days later)
EstadoAceptado
Entrada de VulDB282444 [wuzhicms 4.1.0 block.php add/edit escalada de privilegios]
Puntos18

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!

n $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0'; } } ?>