| शीर्षक | maccms maccms10 10 Logical Vulnerability / Auth Bypass |
|---|
| विवरण | A logical vulnerability in the installation module of maccms10 allows unauthenticated remote attackers to bypass the installation lock. The step5() function in application/install/controller/Index.php fails to check for the existence of the install.lock file before execution. By sending a crafted POST request to /admin.php?s=install/index/index&step=5, an attacker can re-initialize the system, overwrite configurations, and create a new administrative account.
|
|---|
| स्रोत | ⚠️ https://github.com/trustbigcat/CVE/ |
|---|
| उपयोगकर्ता | luther (UID 97566) |
|---|
| सबमिशन | 05/06/2026 05:33 AM (1 महीना पहले) |
|---|
| संयम | 12/07/2026 01:05 PM (1 month later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 377845 [MacCMS Pro तक 2022.1000.3005 Installation Index.php step5 अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|