Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv3

CVE-2022-43030

Published: 14/11/2022 Updated: 17/11/2022
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Siyucms

Vulnerability Summary

Siyucms v6.1.7 exists to contain a remote code execution (RCE) vulnerability in the background. SIYUCMS is a content management system based on ThinkPaP5 AdminLTE. SIYUCMS has a background command execution vulnerability, which can be used by malicious users to gain server privileges

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siyucms siyucms 6.1.7

Github Repositories

https://github.com/cai-niao98/siyu

siyu

CVE-2022-43030 1、Log in to the website background with the default weak password (admin/admin) 2、Click System Management ->Template Management 3、Edit user_ Login file, writing malicious code 4、connect webshell

References

CWE-521https://github.com/cai-niao98/siyuhttps://github.com/cai-niao98/siyu/blob/main/README.mdhttps://nvd.nist.govhttps://github.com/cai-niao98/siyu
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook