Soumettre #287933: Ctcms https://www.ctcms.cn/ 2.1.2 CommandExecutionVulnerabilityinformation

TitreCtcms https://www.ctcms.cn/ 2.1.2 CommandExecutionVulnerability
DescriptionA vulnerability exists in the file ctcms/apps/controllers/admin/Upsys.php where any compressed package can be downloaded and then automatically decompressed. By constructing a one-liner webshell in the compressed package, you can download it and then execute a getshell.
La source⚠️ https://docs.qq.com/doc/DQkVmRXBlbGNPZmlL
Utilisateur
 angelkat (UID 64410)
Soumission26/02/2024 04:44 (il y a 2 ans)
Modérer27/02/2024 08:43 (1 day later)
StatutAccepté
Entrée VulDB254860 [Ctcms 2.1.2 Upsys.php élévation de privilèges]
Points17

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!