CVE-2020-20698

Name of the Vulnerable Software and Affected Versions: S-CMS PHP version 3.0

Description: A remote code execution issue in the /1.com.php file of S-CMS PHP allows attackers to execute arbitrary code via modification of a PHP file, potentially leading to unauthorized access. The issue can be exploited by modifying a PHP file, which enables attackers to getshell.

Recommendations: For S-CMS PHP version 3.0, update the /1.com.php file to prevent modification by unauthorized users. As a temporary workaround, consider restricting access to the /1.com.php file until a patch is available.