Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin template management.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SDCMS 安全漏洞
Vulnerability Description
SDCMS是中国烟火网络科技公司的一套基于PHP和MySQL的企业建站内容管理系统(CMS)。 使用PHP 5.x版本的SDCMS 1.6版本中存在安全漏洞。攻击者可通过访问模板管理利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A