提交 #848741: maccms maccms10 10 Logical Vulnerability / Auth Bypass信息

标题maccms maccms10 10 Logical Vulnerability / Auth Bypass
描述A logical vulnerability in the installation module of maccms10 allows unauthenticated remote attackers to bypass the installation lock. The step5() function in application/install/controller/Index.php fails to check for the existence of the install.lock file before execution. By sending a crafted POST request to /admin.php?s=install/index/index&step=5, an attacker can re-initialize the system, overwrite configurations, and create a new administrative account.
来源⚠️ https://github.com/trustbigcat/CVE/
用户
 luther (UID 97566)
提交2026-06-05 05時33分 (1 月前)
管理2026-07-12 13時05分 (1 month later)
状态已接受
VulDB条目377845 [MacCMS Pro 直到 2022.1000.3005 Installation Index.php step5 权限提升]
积分20

Do you know our Splunk app?

Download it now for free!