漏洞描述
【漏洞对象】FineCMS 【涉及版本】FineCMS v5.4.0_bulid2018062 【漏洞描述】FineCMS系统v5.4.0_bulid20180620前台代码执行,该CMS现已升级为POSCMS个人版,该漏洞可能导致攻击者在服务器端任意执行代码,进而控制整个web服务器。
FineCMS v5.4.0_bulid20180620前台-代码执行
PoC代码
暂无相关漏洞推荐
- CVE-2019-16759: vBulletin v5.0.0-v5.5.4 Remote Command Execution
- finecms-sqli: FineCMS sqli
- POC CVE-2008-7269: UC Gateway Investment SiteEngine v5.0 - Open Redirect
- POC CVE-2012-1823: PHP CGI v5.3.12/5.4.2 Remote Code Execution
- POC CVE-2017-11586: FineCMS <5.0.9 - Open Redirect
- POC CVE-2017-11629: FineCMS <=5.0.10 - Cross-Site Scripting
- POC CVE-2022-23347: BigAnt Server v5.6.06 - Local File Inclusion
- POC CVE-2022-26585: Mingsoft MCMS v5.2.7 - SQL Injection
- POC CVE-2023-40931: Nagios XI v5.11.0 - SQL Injection
- POC CVE-2023-41599: JFinalCMS v5.0.0 - Directory Traversal
- POC CVE-2023-49494: DedeCMS v5.7.111 - Cross-Site Scripting
- POC CVE-2024-5276: Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection
- POC CVE-2022-23898: MCMS IContentDao.xml. v5.2.5 - SQL Injection