2 matches found
CVE-2018-17126
CVE-2018-17126 affects CScms 4.1. The vulnerability is a remote code execution through a crafted input in Web Name to upload\plugins\sys\Install.php, leveraging 1');eval($_POST[cmd]);# in the Install.php file. This indicates an unauthenticated remote command execution path via user-supplied POST ...
CVE-2018-17126
CScms 4.1 allows remote code execution, as demonstrated by 1';eval$POSTcmd; in Web Name to upload\plugins\sys\Install.php...