Jaws 代码问题漏洞

Jaws is a framework and content management system for building dynamic websites. A remote code execution vulnerability exists in Jaws 1.8.0 and earlier versions. The vulnerability can be exploited by a remote authenticated administrator to execute OS commands by uploading a theme ZIP file...

PT-2017-14647 · October · October Cms

Name of the Vulnerable Software and Affected Versions: October CMS versions 1.0.0 through 1.0.428 Description: The issue allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive...