Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the cookie price_filter, and second in api/Comparison.php via the cookie comparison.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OkayCMS 注入漏洞
Vulnerability Description
OkayCMS是一套用于创建在线电子商店的内容管理系统(CMS)。 OkayCMS 2.3.4及之前版本中存在安全漏洞。攻击者可通过特制的cookie注入恶意的PHP对象利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A