Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-25483 PoC — UCMS 命令注入漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/UCMS%20%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%20CVE-2020-25483.md
Associated Vulnerability
Title:UCMS 命令注入漏洞 (CVE-2020-25483)
Description:An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
File Snapshot

 # UCMS 文件上传漏洞 CVE-2020-25483

## 漏洞描述

UCMS v1.4.8版本存在安全漏洞,该漏洞源于文件写的fopen()函数存在任意命令执行漏洞,攻击者可利用该漏洞可以通

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →