CVE-2018-9847
GxlcmsQY v1.0.0713 contains an arbitrary PHP code execution vulnerability in the update function (Lib\Lib\Action\Admin\TplAction.class.php). An attacker can place code into a template to achieve remote code execution with network access. Public references in CNVD and NVD corroborate the issue; CV...