提出 #854989: 上海卓卓网络科技有限公司 DedeCMS 5.7.118 Command Shell in Externally Accessible Directory情報

タイトル上海卓卓网络科技有限公司 DedeCMS 5.7.118 Command Shell in Externally Accessible Directory
説明DedeCMS V5.7.118 has a remote code execution vulnerability. Attackers can modify column names in the background management system to write malicious PHP code to the column cache file, leading to remote code execution. This vulnerability does not require file uploads or special configuration, only administrator privileges are needed to complete the attack.
ソース⚠️ https://github.com/DunkBoyZz/cve/blob/cb7d6aa088d5ae4b603399af0a3279c18b084f11/DedeCMS%20V5.7.118%20Column%20Name%20Cache%20File%20Writing%20RCE%20Vulnerability.docx
ユーザー
 dunkboy (UID 98888)
送信2026年06月10日 10:34 (1 月 ago)
モデレーション2026年07月12日 18:08 (1 month later)
ステータス重複
VulDBエントリ377878 [DedeCMS 5.7.118 Column Management /plus/search.php Column Name 特権昇格]
ポイント0

Want to know what is going to be exploited?

We predict KEV entries!