VYPR
Critical severity9.8NVD Advisory· Published Sep 17, 2018· Updated Jun 17, 2026

CVE-2018-17126

CVE-2018-17126

Description

CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to upload\plugins\sys\Install.php.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.