| Título | MuYucms has Arbitrary code execution vulnerability |
|---|
| Descripción | we can construct packets after logging in and we will read the config file, and then we can Specify the remote url to download the file and save the downloaded file to the specified location. then we can access the specified file directory and find that the code was successfully executed.
|
|---|
| Fuente | ⚠️ https://github.com/MuYuCMS/MuYuCMS/issues/7 |
|---|
| Usuario | kaga_cve (UID 41588) |
|---|
| Sumisión | 2023-02-25 07:39 (hace 3 años) |
|---|
| Moderación | 2023-02-26 13:20 (1 day later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 221805 [MuYuCMS 2.2 getFile.html url escalada de privilegios] |
|---|
| Puntos | 20 |
|---|