PHPCMS is a mainstream content management system used in China. It is an open-source PHP development framework. PHPCMS was first released in 2008, and the latest version is v9.6.3. Many websites are still using PHPCMS 2008 for it's stable, flexible, and open-source. However, PHPCMS 2008 is prone to a code injection vulnerability (CVE-2018-19127). This vulnerability allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution.
Recently, Alibaba Cloud Security team detected multiple samples of the PHPCMS 2008 code injection vulnerability.
Rule-based defense: Cloud Firewall has been able to defend against this vulnerability. We recommend that you enable intrusion prevention policies in the Cloud Firewall console.
Scope of impact: PHPCMS 2008
Rule type: Command execution
Risk level: High