Doccms-Execute-Code
Doccms 2016.05.17 upload_model() in /admini/controllers/system/managemodel.php in Doccms 2016.05.17 allows remote attackers to execute arbitrary PHP code through module management files. Add webshell to ZIP file and upload ZIP file then getshell.






