| Título | gitee XunruiCms v4.6.3 Deserialization and code excute |
|---|
| Descripción | There is a deserialization vulnerability in the latest version of Xunrui CMS gitee release, which can execute code and construct POP chains according to the purpose of exploitation, such as RCE chains, execute system commands. A malicious attacker is able to gain privileges on the server. |
|---|
| Fuente | ⚠️ https://github.com/stevenchen0x01/CVE2/blob/main/cve2.md |
|---|
| Usuario | Steven_Dra3w (UID 76559) |
|---|
| Sumisión | 2025-02-05 12:57 (hace 1 Año) |
|---|
| Moderación | 2025-02-10 11:22 (5 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 295080 [dayrui XunRuiCMS 4.6.3 Linkage.php import_add escalada de privilegios] |
|---|
| Puntos | 17 |
|---|