| Title | 四川迅睿云软件开发有限公司 迅睿CMS <=4.6.4 (2024-12-17) Remote Code Execute |
|---|
| Description | XunRuiCMS is a PHP website content management system licensed under the MIT open-source protocol, supporting multiple core modes.
XunRuiCMS v4.6.3 and earlier versions have a frontend command execution vulnerability. Remote attackers can exploit this vulnerability to gain server access, potentially leading to server compromise. |
|---|
| Source | ⚠️ https://github.com/pwysec/d6qRhl/blob/main/1.pdf |
|---|
| User | p1wy (UID 75818) |
|---|
| Submission | 02/06/2025 07:27 (1 Year ago) |
|---|
| Moderation | 02/10/2025 12:15 (4 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 295090 [dayrui XunRuiCMS up to 4.6.4 /Control/Api/Api.php thumb deserialization] |
|---|
| Points | 18 |
|---|