CVE-2019-8933
CVE-2019-8933 affects DedeCMS 5.7SP2. An attacker can upload a PHP file to uploads/ and execute it by abusing the management/template workflow: navigate to Default Template Management, create a New Template, and alter the filename from ../index.html to ../index.php. This indicates a path/filename...