An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload.Referenceshttps://www.dedecms.com/https://gist.github.com/0psPwn/10c43912adee9bfe2ff4fec947d4ee5a
