Submeter #848741: maccms maccms10 10 Logical Vulnerability / Auth Bypassinformação

Títulomaccms maccms10 10 Logical Vulnerability / Auth Bypass
DescriçãoA logical vulnerability in the installation module of maccms10 allows unauthenticated remote attackers to bypass the installation lock. The step5() function in application/install/controller/Index.php fails to check for the existence of the install.lock file before execution. By sending a crafted POST request to /admin.php?s=install/index/index&step=5, an attacker can re-initialize the system, overwrite configurations, and create a new administrative account.
Fonte⚠️ https://github.com/trustbigcat/CVE/
Utilizador
 luther (UID 97566)
Submissão05/06/2026 05h33 (há 1 mês)
Moderação12/07/2026 13h05 (1 month later)
EstadoAceite
Entrada VulDB377845 [MacCMS Pro até 2022.1000.3005 Installation Index.php step5 Elevação de Privilégios]
Pontos20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!