Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.
References
Link | Resource |
---|---|
https://github.com/lolipop1234/XXD/issues/7 | Exploit Issue Tracking Third Party Advisory |
https://cwe.mitre.org/data/definitions/96.html | Technical Description |
Configurations
Information
Published : 2021-10-06 15:15
Updated : 2022-09-14 13:32
NVD link : CVE-2020-21652
Mitre link : CVE-2020-21652
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
myucms_project
- myucms