CVE-2024-33445
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
An issue in hisiphp v2.0.111 allows a remote attacker to execute arbitrary code via a crafted script to the SystemPlugins::mkInfo parameter in the SystemPlugins.php component.
HisiPHP V2版是基于ThinkPHP5.1和Layui开发的后台框架,承诺永久免费开源,您可用于学习和商用,但须保留版权信息正常显示。如果HisiPHP对您有帮助,您可以点击右上角 "Star" 支持一下哦,谢谢!
GitHub