| Title | MuYucms has Arbitrary code execution vulnerability via file_path Parameters |
|---|
| Description | Constructing packets after logging in and we will read the config fileļ¼and then we can get the key value of the file, and copy the file checksum and replace it in the packet . Visit the corresponding location of the file on the website and find that the code has been successfully executed.
|
|---|
| Source | ⚠️ https://github.com/MuYuCMS/MuYuCMS/issues/5 |
|---|
| User | kaga_cve (UID 41588) |
|---|
| Submission | 02/25/2023 07:26 (3 years ago) |
|---|
| Moderation | 02/26/2023 13:20 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 221803 [MuYuCMS 2.2 /editor/index.php file_path path traversal] |
|---|
| Points | 20 |
|---|