MuYuCMS Template Management admin.php code injection

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

对生成代码的控制不恰当(代码注入)

MuYuCMS 代码注入漏洞

MuYuCMS是MuYuCMS开源的一套轻量级开源内容管理系统。 MuYuCMS 2.7及之前版本存在代码注入漏洞，该漏洞源于文件/admin.php中模板管理组件存在未知功能缺陷，可能导致代码注入攻击。

N/A

N/A