PT-2018-13747 · Dedecms · Dedecms
Ghost
·
Publicado
2018-09-19
·
Atualizado
2019-01-28
·
CVE-2018-16785
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DedeCMS version V5.7 SP2
Description
A vulnerability exists in DedeCMS, allowing attackers to create a script file and obtain a webshell through XML injection.
Recommendations
For DedeCMS version V5.7 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Dedecms