Littlebin404

**Name of the Vulnerable Software and Affected Versions** wuzhicms version 4.1.0 **Description** An issue was discovered in wuzhicms, allowing remote attackers to execute arbitrary code via the `setting` parameter to the ueditor in "index.php". **Recommendations** For wuzhicms version 4.1.0, consider disabling the ueditor in index.php as a temporary workaround until a patch is available. Restrict access to the setting parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.