Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpwcms 多个代码执行漏洞
Vulnerability Description
phpwcms 1.2.5-DEV及其早期版本和RC4版本之前的1.1版本允许远程攻击者可以借助对(1)text_evento和(2)对phpwcms_code_snippets/mail_file_form.php以及sample_ext_php/mail_file_form.php的email_eventonome_evento参数的特制的自变量,执行任意代码。该自变量经过render_PHPcode函数处理。
CVSS Information
N/A
Vulnerability Type
N/A