CVE-2021-34128

Published: 2021-06-15T20:15Z

Last Modified: 2024-11-21T06:09Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt