N/A

WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell.

N/A

N/A

WellCMS 代码问题漏洞

WellCMS是一款开源的具备亿级负载、倾向移动端、轻量级、具有超快反应能力的高负载CMS，是大数据量、高并发访问网站最佳选择的轻CMS。具有安全、高效、稳定、速度超快、负载超强的特点。 WellCMS 2.0存在安全漏洞，该漏洞源于CMS后台上传文件类型校验的不完整。攻击者可利用该漏洞修改上传文件类型来获得webshell。

N/A

N/A