Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PopojiCMS 2.0.1 Remote Command Execution via Authenticated Metadata Settings
Vulnerability Description
PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.
CVSS Information
N/A
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
PopojiCMS 代码注入漏洞
Vulnerability Description
PopojiCMS是PopojiCMS开源的一个建站工具。 PopojiCMS 2.0.1版本存在代码注入漏洞,该漏洞源于管理员用户可通过元数据设置端点注入恶意PHP代码,可能导致远程命令执行。
CVSS Information
N/A
Vulnerability Type
N/A