CVE-2020-28062
Published
CVSS v3
7.2
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. '/ Upload/Plugins /, which could let a remote malicious user execute arbitrary code.
HisiPHP V2版是基于ThinkPHP5.1和Layui开发的后台框架,承诺永久免费开源,您可用于学习和商用,但须保留版权信息正常显示。如果HisiPHP对您有帮助,您可以点击右上角 "Star" 支持一下哦,谢谢!
GitHub