CVE-2018-16785
The connected sources confirm a concrete vulnerability in DedeCMS v5.7 SP2 (PHP-based CMS): a file-write flaw that attackers can exploit to write a script file and obtain a webshell. This CVE (CVE-2018-16785) is described as affecting DedeCMS 5.7 SP2 with XML injection/file-write mechanics enabli...