admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/MCms/README.md
gaopeng2 586acfdb0a add: Crestron_Hd_Md4X2_Credential_Disclosure_CVE_2022_23178 
add: MCMS_5_2_4_Arbitrary_File_Upload
2022-01-26 16:04:16 +08:00

494 B
Raw Permalink Blame History

MCMS 5.2.4 Arbitrary File Upload

Mingfei MCms is a complete open source content management system.MCms 5.2.4 version /file/upload.do has arbitrary file upload vulnerabilities. Attackers can upload malicious Trojan horses to control server permissions.

FOFA query rule: body="ms/1.0.0/ms.js" || body="铭飞MCMS"

Demo

MCMS_5_2_4_Arbitrary_File_Upload