| Title | wtcms cms 1.0 RCE |
|---|
| Description | A critical Remote Code Execution vulnerability has been identified in the frontend component of WTCMS 1.0. The vulnerability allows unauthenticated attackers to write arbitrary PHP code to the server by exploiting improper handling of the content parameter in the fetch function. This vulnerability can be exploited without any authentication, making it particularly severe. |
|---|
| Source | ⚠️ https://github.com/TiKi-r/CVE-Report/blob/main/WtcmsRCE.md |
|---|
| User | sT1TcH (UID 91291) |
|---|
| Submission | 11/05/2025 12:20 (8 months ago) |
|---|
| Moderation | 11/29/2025 14:02 (24 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 333790 [taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 /index.php fetch content code injection] |
|---|
| Points | 17 |
|---|