GobyVuls/MCms/README.md

# MCMS 5.2.4 Arbitrary File Upload

Mingfei MCms is a complete open source content management system.MCms 5.2.4 version /file/upload.do has arbitrary file upload vulnerabilities. Attackers can upload malicious Trojan horses to control server permissions.

FOFA **query rule**: [body="ms/1.0.0/ms.js" || body="铭飞MCMS"](https://fofa.so/result?qbase64=Ym9keT0ibXMvMS4wLjAvbXMuanMiIHx8IGJvZHk9IumTremjnk1DTVMi)

# Demo

![MCMS_5_2_4_Arbitrary_File_Upload](MCMS_5_2_4_Arbitrary_File_Upload.gif)
add: Crestron_Hd_Md4X2_Credential_Disclosure_CVE_2022_23178 add: MCMS_5_2_4_Arbitrary_File_Upload 2022-01-26 16:04:16 +08:00			`# MCMS 5.2.4 Arbitrary File Upload`

			`Mingfei MCms is a complete open source content management system.MCms 5.2.4 version /file/upload.do has arbitrary file upload vulnerabilities. Attackers can upload malicious Trojan horses to control server permissions.`

			`FOFA query rule: [body="ms/1.0.0/ms.js" \|\| body="铭飞MCMS"](https://fofa.so/result?qbase64=Ym9keT0ibXMvMS4wLjAvbXMuanMiIHx8IGJvZHk9IumTremjnk1DTVMi)`

			`# Demo`

			`![MCMS_5_2_4_Arbitrary_File_Upload](MCMS_5_2_4_Arbitrary_File_Upload.gif)`