在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
CVE-2019-9829Maccms 代码注入漏洞 发布时间:2019-03-14类型:CANstatus:Candidatephase:Assigned 漏洞描述Maccms是一套基于PHP的影视内容管理系统(CMS)。 Maccms 10版本中存在代码注入漏洞。远程攻击者可利用该漏洞注入并执行任意的PHP代码。Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论