No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

No description provided by source. ?php / Static encryptionkey of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit generates cookie for administrator access from non-privilege...