| Título | MuYucms has Arbitrary code execution vulnerability |
|---|
| Descrição | we can construct packets after logging in and we will read the config file, and then we can Specify the remote url to download the file and save the downloaded file to the specified location. then we can access the specified file directory and find that the code was successfully executed.
|
|---|
| Fonte | ⚠️ https://github.com/MuYuCMS/MuYuCMS/issues/7 |
|---|
| Utilizador | kaga_cve (UID 41588) |
|---|
| Submissão | 25/02/2023 07h39 (há 3 anos) |
|---|
| Moderação | 26/02/2023 13h20 (1 day later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 221805 [MuYuCMS 2.2 getFile.html url Elevação de Privilégios] |
|---|
| Pontos | 20 |
|---|