Arbitrary PHP Code Execution Vulnerability in XunRuiCMS v4.3.3 to v4.5.1

Arbitrary PHP Code Execution Vulnerability in XunRuiCMS v4.3.3 to v4.5.1

CVE-2022-30037 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php.

Learn more about our Cms Pen Testing.