Lucene search
China National Vulnerability DatabaseCNVD-2022-20128HistoryMar 14, 2022 - 12:00 a.m.
Luocms arbitrary file writing vulnerability
2022-03-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
luocms v2.0
arbitrary file-writing
vulnerability
template_manage.php
insufficient validation
file_content
filenames
exploitation
shell files
article management system
cnvd
EPSS
0.004
Percentile
72.6%
Luocms v2.0 is an article management system. Luocms v2.0 is vulnerable to an arbitrary file-writing vulnerability that results from insufficient validation of file_content submissions and filenamede filenames, which can be exploited to write arbitrary shell files via /admin/templates/template_manage .php to write arbitrary shell files.
Related
cve
cve
CVE-2022-24609
2022-03-10 17:46:22
cvelist
cvelist
CVE-2022-24609
2022-03-09 13:32:02
nvd
nvd
CVE-2022-24609
2022-03-10 17:46:22
prion
prion
Improper access control
2022-03-10 17:46:00