|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-06-03 | |
| Rule Name: | Shiziyu CMS image_upload.php Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Shiziyu CMS is a small program as the carrier of the website content management system, through the Shiziyu CMS can quickly build community community social resources community group purchase platform. Shiziyu CMS image_upload.php has any file upload vulnerability, the vulnerability stems from the CMS using CK editor, there is an image upload bypass, resulting in arbitrary file upload, and then execute malicious code, and finally obtain server permissions. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |