TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote malicious users to execute arbitrary shell commands via the cmd parameter in a direct request.
######################################################################################
# AUTHOR : H-T TeaM {HouSSaMix _ ToXiC350} #
# HOME : no-hacknet #
# Script : TUTOS (Tested in version 13) other versions may also be affected #
# Download : wwwtutosorg/home ...