CVE-2018-17126

CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to upload\plugins\sys\Install.php.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:chshcms:cscms:4.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-17 04:29

Updated : 2018-11-19 17:18


NVD link : CVE-2018-17126

Mitre link : CVE-2018-17126


JSON object : View

Products Affected

chshcms

  • cscms
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')