Gửi #854989: 上海卓卓网络科技有限公司 DedeCMS 5.7.118 Command Shell in Externally Accessible Directorythông tin

tiêu đề上海卓卓网络科技有限公司 DedeCMS 5.7.118 Command Shell in Externally Accessible Directory
Mô tảDedeCMS V5.7.118 has a remote code execution vulnerability. Attackers can modify column names in the background management system to write malicious PHP code to the column cache file, leading to remote code execution. This vulnerability does not require file uploads or special configuration, only administrator privileges are needed to complete the attack.
Nguồn⚠️ https://github.com/DunkBoyZz/cve/blob/cb7d6aa088d5ae4b603399af0a3279c18b084f11/DedeCMS%20V5.7.118%20Column%20Name%20Cache%20File%20Writing%20RCE%20Vulnerability.docx
Người dùng
 dunkboy (UID 98888)
Đệ trình10/06/2026 10:34 (cách đây 1 tháng)
Kiểm duyệt12/07/2026 18:08 (1 month later)
Trạng tháiBản sao
Mục VulDB377878 [DedeCMS 5.7.118 Column Management /plus/search.php Column Name nâng cao đặc quyền]
điểm0

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!