High severity8.8NVD Advisory· Published Oct 17, 2018· Updated Jun 17, 2026
CVE-2018-18426
CVE-2018-18426
Description
s-cms 3.0 allows remote attackers to execute arbitrary PHP code by placing this code in a crafted User-agent Disallow value in the robots.php txt parameter.
Affected products
1Patches
Vulnerability mechanics
References
2- www.ttk7.cn/post-93.htmlnvdExploitThird Party Advisory
- www.s-cms.cn/update.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.