Arbitrary PHP Code Execution in UCMS 1.4.7 via sadmin_fileedit Action

Arbitrary PHP Code Execution in UCMS 1.4.7 via sadmin_fileedit Action

CVE-2018-20599 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action.

Learn more about our Cms Pen Testing.