Critical severity9.8NVD Advisory· Published Sep 17, 2018· Updated Jun 17, 2026
CVE-2018-17126
CVE-2018-17126
Description
CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to upload\plugins\sys\Install.php.
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/AvaterXXX/CScms/blob/master/CScms_xss.mdnvdExploitThird Party Advisory
- www.patec.cn/newsshow.phpnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.