PHPCMS is a mainstream content management system used in China. It is an open-source PHP development framework. PHPCMS was first released in 2008, and the latest version is v9.6.3. Many websites are still using PHPCMS 2008 for it's stable, flexible, and open-source. However, PHPCMS 2008 is prone to a code injection vulnerability (CVE-2018-19127). This vulnerability allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution.

Recently, Alibaba Cloud Security team detected multiple samples of the PHPCMS 2008 code injection vulnerability.

Rule-based defense: Cloud Firewall has been able to defend against this vulnerability. We recommend that you enable intrusion prevention policies in the Cloud Firewall console.

Scope of impact: PHPCMS 2008

Rule type: Command execution

Risk level: High