Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authenticated RCE in Raytha CMS
Vulnerability Description
"Functions" module in Raytha CMS allows privileged users to write custom code to add functionality to application. Due to a lack of sandboxing or access restrictions, JavaScript code executed through Raytha’s “functions” feature can instantiate .NET components and perform arbitrary operations within the application’s hosting environment. This issue was fixed in version 1.4.6.
CVSS Information
N/A
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Raytha CMS 代码注入漏洞
Vulnerability Description
Raytha CMS是美国Raytha公司的一个内容管理系统。 Raytha CMS存在代码注入漏洞,该漏洞源于Functions模块缺乏沙盒或访问限制,可能导致通过JavaScript代码实例化.NET组件并执行任意操作。
CVSS Information
N/A
Vulnerability Type
N/A