提交 #495820: 四川迅睿云软件开发有限公司 迅睿CMS <=4.6.4 (2024-12-17) Remote Code Execute信息

标题四川迅睿云软件开发有限公司 迅睿CMS <=4.6.4 (2024-12-17) Remote Code Execute
描述XunRuiCMS is a PHP website content management system licensed under the MIT open-source protocol, supporting multiple core modes. XunRuiCMS v4.6.3 and earlier versions have a frontend command execution vulnerability. Remote attackers can exploit this vulnerability to gain server access, potentially leading to server compromise.
来源⚠️ https://github.com/pwysec/d6qRhl/blob/main/1.pdf
用户
 p1wy (UID 75818)
提交2025-02-06 07時27分 (1 年前)
管理2025-02-10 12時15分 (4 days later)
状态已接受
VulDB条目295090 [dayrui XunRuiCMS 直到 4.6.4 /Control/Api/Api.php thumb 权限提升]
积分18

Want to know what is going to be exploited?

We predict KEV entries!