← back
CVE-2017-16903

CVE-2017-16903

EPSS 2.0%
LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/SQYY/CVE/blob/master/Lvyecms_G.txt