Invia #732726: publiccms PublicCMS <= V5.202506.d Remote Code Execution (RCE)informazioni

Titolopubliccms PublicCMS <= V5.202506.d Remote Code Execution (RCE)
DescrizioneA critical path traversal vulnerability exists in the task template management system that allows authenticated administrators to write arbitrary files to the filesystem. By exploiting the weak path sanitization, an attacker can overwrite system scripts that are later executed by the scheduled task system, leading to remote code execution with server privileges.
Fonte⚠️ https://github.com/AnalogyC0de/public_exp/issues/2
Utente
 Ana10gy (UID 93358)
Sottomissione06/01/2026 16:05 (5 mesi fa)
Moderazione17/01/2026 09:58 (11 days later)
StatoAccettato
Voce VulDB341703 [Sanluan PublicCMS fino a 5.202506.d Task Template Management TaskTemplateAdminController.java save path directory traversal]
Punti18

PrecedenteVisione D'ensembleIl prossimo

Interested in the pricing of exploits?

See the underground prices here!