CVE-2023-43382 Information

Description

Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template function.

Reference

https://gitee.com/iteachyou/dreamer_cms/issues/I821AI https://aecous.github.io/2023/09/17/Text/?password=Aecous https://gist.github.com/Aecous/7c6524859d624c00f4a975ecd5a743a7