| Title | Boyun Boyun PHPCMS <=1.21 Pre-Auth Arbitrary File Download vuln |
|---|
| Description | A vulnerability exists in install/install2.php of the Boyun Web CMS (versions ≤1.21) that allows an attacker to specify an arbitrary MySQL server during installation, potentially connecting to a malicious server under their control. In PHP versions ≤7.1, this can be exploited further using the LOCAL INFILE feature to read arbitrary files from the client system, leading to information disclosure or facilitating further attacks such as triggering PHP object (unserialization) vulnerabilities. |
|---|
| Source | ⚠️ https://note-hxlab.wetolink.com/share/cQGEOmctNARD |
|---|
| User | YELEIPENG (UID 73615) |
|---|
| Submission | 06/26/2025 04:29 (10 months ago) |
|---|
| Moderation | 07/05/2025 19:31 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 315013 [BoyunCMS up to 1.21 on PHP7 Installation install/install2.php db_host deserialization] |
|---|
| Points | 20 |
|---|