edit-icon download-icon

[Vulnerability notice] SQLCMS embeded with webshell

Last Updated: Nov 27, 2017

Description

SQLCMS is a user friendly Content Management System for SQL Server.

Alibaba Cloud Security engineers found that the /uploads/update.php directory of SQLCMS was embedded with webshell files by hackers. Hackers may use this webshell to gain direct control over the website and further break into the cloud host.

Fix

Delete the webshell file as soon as possible, and install or update the website application from a trusted website.

Thank you! We've received your feedback.