2.1.2 CommandExecutionVulnerability정보

제목	Ctcms https://www.ctcms.cn/ 2.1.2 CommandExecutionVulnerability
설명	A vulnerability exists in the file ctcms/apps/controllers/admin/Upsys.php where any compressed package can be downloaded and then automatically decompressed. By constructing a one-liner webshell in the compressed package, you can download it and then execute a getshell.
원천	⚠️ https://docs.qq.com/doc/DQkVmRXBlbGNPZmlL
사용자	angelkat (UID 64410)
제출	2024. 02. 26. AM 04:44 (2 연령 ago)
모더레이션	2024. 02. 27. AM 08:43 (1 day later)
상태	수락
VulDB 항목	254860 [Ctcms 2.1.2 Upsys.php 권한 상승]
포인트들	17

Do you want to use VulDB in your project?

Use the official API to access entries easily!