| 제목 | 上海卓卓网络科技有限公司 DedeCMS 5.7.118 Command Shell in Externally Accessible Directory |
|---|
| 설명 | DedeCMS V5.7.118 has a remote code execution vulnerability. Attackers can modify column names in the background management system to write malicious PHP code to the column cache file, leading to remote code execution. This vulnerability does not require file uploads or special configuration, only administrator privileges are needed to complete the attack. |
|---|
| 원천 | ⚠️ https://github.com/DunkBoyZz/cve/blob/cb7d6aa088d5ae4b603399af0a3279c18b084f11/DedeCMS%20V5.7.118%20Column%20Name%20Cache%20File%20Writing%20RCE%20Vulnerability.docx |
|---|
| 사용자 | dunkboy (UID 98888) |
|---|
| 제출 | 2026. 06. 10. AM 10:34 (1 월 ago) |
|---|
| 모더레이션 | 2026. 07. 12. PM 06:08 (1 month later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 377878 [DedeCMS 5.7.118 Column Management /plus/search.php Column Name 권한 상승] |
|---|
| 포인트들 | 0 |
|---|