Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RunCMS 2m1 代码注入漏洞
Vulnerability Description
RunCMS是国外的一个开源CMS,功能上包含了建站所需要的大部分功能。 RunCMS 2M1中存在一个静态代码注入漏洞。远程认证用户可以借助"Filter/Banning"属性,例如运用"Prohibited: Emails"操作和其它未知过滤器修改modules/system/cache/bademails.php,以执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A