CVE-2021-26120 PoC — Simon Wisselink Smarty 代码注入漏洞

Source

https://github.com/vulhub/vulhub/blob/master/cmsms/CVE-2021-26120/README.md

Associated Vulnerability

Title:Simon Wisselink Smarty 代码注入漏洞 (CVE-2021-26120)
Description:Simon Wisselink Smarty是荷兰Simon Wisselink社区的一个应用程序。提供了一种易于管理的方式，可以将应用程序逻辑和内容与其表示形式分开。 Smarty before 3.1.39 存在代码注入漏洞，该漏洞允许通过{function name= substring后的意外函数名注入代码。

File Snapshot


 # CMS Made Simple (CMSMS) Unauthenticated Remote Code Execution (CVE-2019-9053/CVE-2021-26120)

[中文版

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-26120 PoC — Simon Wisselink Smarty 代码注入漏洞

Source

Associated Vulnerability

File Snapshot

Remarks