Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-26120 PoC — Simon Wisselink Smarty 代码注入漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/CMS%20Made%20Simple%20%28CMSMS%29%20%E5%89%8D%E5%8F%B0%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2021-26120.md
Associated Vulnerability
Title:Simon Wisselink Smarty 代码注入漏洞 (CVE-2021-26120)
Description:Simon Wisselink Smarty是荷兰Simon Wisselink社区的一个应用程序。提供了一种易于管理的方式,可以将应用程序逻辑和内容与其表示形式分开。 Smarty before 3.1.39 存在代码注入漏洞,该漏洞允许通过{function name= substring后的意外函数名注入代码。
File Snapshot

 # CMS Made Simple (CMSMS) 前台代码执行漏洞 CVE-2021-26120

## 漏洞描述

CMS Made Simple(CMSMS)是一个免费的开放源码内容管理系统,为

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.