提交 #632537: HuangDou UTCMS V9 RCE vulnerability for remote file download in the background
| 标题 | HuangDou UTCMS V9 RCE vulnerability for remote file download in the background |
|---|---|
| 描述 | In the update.php page, users can remotely downloading the compressed package and automatically decompressing it and RCE. |
| 来源 | ⚠️ https:/ |
| 用户 | Yu Bao (UID 88956) |
| 提交 | 2025-08-12 15時50分 (11 月前) |
| 管理 | 2025-08-24 16時52分 (12 days later) |
| 状态 | 已接受 |
| VulDB条目 | 321238 [HuangDou UTCMS 9 Config update.php UPDATEURL 权限提升] |
| 积分 | 15 |