CVE-2024-31759 Information

Description

An issue in sanluan PublicCMS v.4.0.202302.e allows an attacker to escalate privileges via the change password function.

Reference

https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS–PoC.md https://1drv.ms/v/s%21AmTWEcd1YDpUjgoJ8lkA8pN8zYEJ?e=gIlbGf https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158